In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix out of bounds in init_smb2_rsp_hdr()
If client send smb2 negotiate request and then send smb1 negotiate
request, init_smb2_rsp_hdr is called for smb1 negotiate request since
need_neg is set to false. This patch ignore smb1 packets after ->need_neg
is set to false.
Metrics
Affected Vendors & Products
References
History
Mon, 04 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 12 Sep 2024 08:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 11 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-02-21T07:21:01.075Z
Updated: 2024-12-19T08:19:33.633Z
Reserved: 2024-02-20T12:30:33.291Z
Link: CVE-2023-52441
Vulnrichment
Updated: 2024-08-02T22:55:41.809Z
NVD
Status : Modified
Published: 2024-02-21T08:15:45.463
Modified: 2024-11-21T08:39:46.177
Link: CVE-2023-52441
Redhat
No data.