Bug 2243624 (CVE-2023-38432) - CVE-2023-38432 kernel: ksmbd: out-of-bounds read in ksmbd_smb2_check_message
Summary: CVE-2023-38432 kernel: ksmbd: out-of-bounds read in ksmbd_smb2_check_message
Keywords:
Status: NEW
Alias: CVE-2023-38432
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
 
Reported: 2023-10-12 09:06 UTC by Alex
Modified: 2023-10-12 13:16 UTC

Fixed In Version:
Doc Type: ---
Doc Text:
A flaw was found in the Linux kernel before 6.3.10, where fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification. This issue leads to an out-of-bounds read.
Clone Of:
Environment:
Last Closed:
Embargoed:



Description Alex 2023-10-12 09:06:24 UTC
A flaw was found in the Linux kernel. An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read.

Reference:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=2b9b8f3b68edb3d67d79962f02e26dbb5ae3808d
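
The class of check the description refers to, as an added user-space example; it is not ksmbd code and not the referenced commit. It assumes a single, non-compound SMB2 WRITE request, and the names `check_write_frame` and `demo` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define RFC1002_HDR 4    /* 1 type byte + 3-byte big-endian length */
#define SMB2_HDR    64   /* fixed SMB2 header size */
#define WRITE_FIXED 48   /* fixed fields of an SMB2 WRITE request body */
#define SMB2_WRITE  0x0009

static uint32_t le16(const uint8_t *p) { return p[0] | (uint32_t)p[1] << 8; }
static uint32_t le32(const uint8_t *p) { return le16(p) | le16(p + 2) << 16; }

/* Return 0 if every declared size fits inside the frame, -1 otherwise. */
int check_write_frame(const uint8_t *buf, size_t buflen)
{
    if (buflen < RFC1002_HDR)
        return -1;
    uint32_t rfc_len = (uint32_t)buf[1] << 16 | (uint32_t)buf[2] << 8 | buf[3];
    if (rfc_len > buflen - RFC1002_HDR)        /* claims more than was received */
        return -1;
    if (rfc_len < SMB2_HDR + WRITE_FIXED)      /* fixed fields must be present */
        return -1;
    const uint8_t *smb = buf + RFC1002_HDR;
    if (memcmp(smb, "\xfeSMB", 4) != 0 || le16(smb + 12) != SMB2_WRITE)
        return -1;
    uint32_t data_off = le16(smb + SMB2_HDR + 2);  /* DataOffset, from SMB2 header start */
    uint32_t data_len = le32(smb + SMB2_HDR + 4);  /* Length of the write payload */
    if (data_off < SMB2_HDR + WRITE_FIXED)
        return -1;
    /* Payload must end inside the RFC1002 length. The sum is done in
       64 bits so a huge Length cannot wrap the comparison. */
    if ((uint64_t)data_off + data_len > rfc_len)
        return -1;
    return 0;
}

/* Constructed sample: 132-byte buffer holding one WRITE with the given fields. */
int demo(uint32_t rfc_len, uint16_t data_off, uint32_t data_len)
{
    uint8_t f[RFC1002_HDR + SMB2_HDR + WRITE_FIXED + 16] = {0};
    f[1] = (uint8_t)(rfc_len >> 16); f[2] = (uint8_t)(rfc_len >> 8); f[3] = (uint8_t)rfc_len;
    memcpy(f + 4, "\xfeSMB", 4);
    f[4 + 4] = SMB2_HDR; f[4 + 12] = SMB2_WRITE;   /* header StructureSize, Command */
    f[4 + 64] = 49;                                /* WRITE StructureSize */
    f[4 + 66] = (uint8_t)data_off; f[4 + 67] = (uint8_t)(data_off >> 8);
    for (int i = 0; i < 4; i++) f[4 + 68 + i] = (uint8_t)(data_len >> (8 * i));
    return check_write_frame(f, sizeof f);
}

int main(void) { return demo(128, 112, 16) == 0 && demo(128, 112, 0xFFFFFFFFu) == -1 ? 0 : 1; }
```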

