cbcvebase.
CVE-2023-52442
published 2024-02-21

CVE-2023-52442: In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate session id and tree id in compound request `smb2_get_msg()` in…

PriorityP336medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
EPSS
17.44%
96.7th percentile
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate session id and tree id in compound request `smb2_get_msg()` in smb2_get_ksmbd_tcon() and smb2_check_user_session() will always return the first request smb2 header in a compound request. if `SMB2_TREE_CONNECT_HE` is the first command in compound request, will return 0, i.e. The tree id check is skipped. This patch use ksmbd_req_buf_next() to get current command in compound.

Affected

14 ranges
VendorProductVersion rangeFixed in
debianlinux< linux 6.1.55-1 (bookworm)linux 6.1.55-1 (bookworm)
linuxlinux
linuxlinux>= 0626e6641f6b467447c81dd7678a69c66f7746cf < 017d85c94f02090a87f4a473dbe0d6ee0da72693017d85c94f02090a87f4a473dbe0d6ee0da72693
linuxlinux>= 0626e6641f6b467447c81dd7678a69c66f7746cf < becb5191d1d5fdfca0198a2e37457bbbf4fe266fbecb5191d1d5fdfca0198a2e37457bbbf4fe266f
linuxlinux>= 0626e6641f6b467447c81dd7678a69c66f7746cf < 4c2b350b2e269e3fd17bbfa42de1b42775b777ac4c2b350b2e269e3fd17bbfa42de1b42775b777ac
linuxlinux>= 0626e6641f6b467447c81dd7678a69c66f7746cf < 3df0411e132ee74a87aa13142dfd2b190275332e3df0411e132ee74a87aa13142dfd2b190275332e
linuxlinux_kernel
linuxlinux_kernel>= 0 < 6.1.55-16.1.55-1
linuxlinux_kernel>= 0 < 6.5.3-16.5.3-1
linuxlinux_kernel>= 0 < 6.5.3-16.5.3-1
linuxlinux_kernel>= 0 < 5.15.0-102.1125.15.0-102.112
linuxlinux_kernel>= 5.15 < 5.15.1455.15.145
linuxlinux_kernel>= 5.16 < 6.1.536.1.53
linuxlinux_kernel>= 6.2 < 6.4.166.4.16

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv8.1HIGH
vendor_ubuntu7.1HIGH
vendor_debian5.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.