CVE-2023-4130
EUVD-2023-5401216.08.2025, 14:15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea() There are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request from client. ksmbd find next smb2_ea_info using ->NextEntryOffset of current smb2_ea_info. ksmbd need to validate buffer length Before accessing the next ea. ksmbd should check buffer length using buf_len, not next variable. next is the start offset of current ea that got from previous ea.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 5.15 ≤ 𝑥 < 5.15.127 |
| linux | linux_kernel | 5.16 ≤ 𝑥 < 6.1.46 |
| linux | linux_kernel | 6.2 ≤ 𝑥 < 6.4.11 |
| linux | linux_kernel | 6.5:rc1 |
| linux | linux_kernel | 6.5:rc2 |
| linux | linux_kernel | 6.5:rc3 |
| linux | linux_kernel | 6.5:rc4 |
| linux | linux_kernel | 6.5:rc5 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| kernel-64kb |
| ||||||||||||
| kernel-azure |
| ||||||||||||
| kernel-default |
| ||||||||||||
| kernel-default-base |
| ||||||||||||
| kernel-docs |
| ||||||||||||
| kernel-macros |
| ||||||||||||
| kernel-obs-build |
| ||||||||||||
| kernel-source |
| ||||||||||||
| kernel-source-azure |
| ||||||||||||
| kernel-syms |
| ||||||||||||
| kernel-syms-azure |
| ||||||||||||
| kernel-zfcpdump |
|