Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2023-52440
HistoryFeb 21, 2024 - 7:21 a.m.

CVE-2023-52440 ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()

2024-02-2107:21:00
Linux
www.cve.org
5
cve-2023-52440
fix slub overflow
ksmbd_decode_ntlmssp_auth_blob()
linux kernel
key exchange codes

EPSS

0

Percentile

15.9%

JSON

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()

If authblob->SessionKey.Length is bigger than session key
size(CIFS_KEY_SIZE), slub overflow can happen in key exchange codes.
cifs_arc4_crypt copy to session key array from SessionKey from client.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/server/auth.c"
    ],
    "versions": [
      {
        "version": "1da177e4c3f4",
        "lessThan": "bd554ed4fdc3",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "30fd6521b2fb",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "7f1d6cb0eb6a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "ecd7e1c562cb",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "4b081ce0d830",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/server/auth.c"
    ],
    "versions": [
      {
        "version": "5.15.145",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.1.52",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.4.15",
        "lessThanOrEqual": "6.4.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.5.2",
        "lessThanOrEqual": "6.5.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

prion 1
debiancve 1
cve 1
zdi 1
ubuntucve 1
nvd 1
vulnrichment 1
redos 1
prion
prion
Spoofing
2024-02-21 08:15:00
debiancve
debiancve
CVE-2023-52440
2024-02-21 08:15:45
cve
cve
CVE-2023-52440
2024-02-21 08:15:45
zdi
zdi
Linux Kernel ksmbd Session Key Exchange Heap-based Buffer Overflow Remote Code Execution Vulnerability
2024-03-01 00:00:00
ubuntucve
ubuntucve
CVE-2023-52440
2024-02-21 00:00:00
nvd
nvd
CVE-2023-52440
2024-02-21 08:15:45
vulnrichment
vulnrichment
CVE-2023-52440 ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()
2024-02-21 07:21:00
redos
redos
ROS-20240813-01
2024-08-13 00:00:00

EPSS

0

Percentile

15.9%

JSON
Related for CVELIST:CVE-2023-52440
prion1debiancve1cve1zdi1ubuntucve1nvd1vulnrichment1redos1