In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix out of bounds in init_smb2_rsp_hdr()
If client send smb2 negotiate request and then send smb1 negotiate
request, init_smb2_rsp_hdr is called for smb1 negotiate request since
need_neg is set to false. This patch ignore smb1 packets after ->need_neg
is set to false.
Metrics
Affected Vendors & Products
References
History
Thu, 12 Sep 2024 08:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 11 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-02-21T07:21:01.075Z
Updated: 2024-09-11T17:33:54.916Z
Reserved: 2024-02-20T12:30:33.291Z
Link: CVE-2023-52441
Vulnrichment
Updated: 2024-08-02T22:55:41.809Z
NVD
Status : Modified
Published: 2024-02-21T08:15:45.463
Modified: 2024-05-28T20:16:22.480
Link: CVE-2023-52441
Redhat
No data.