CVE-2023-54203: Linux vulnerability

7 documents, 6 sources
Severity: N/A (No vector)
EPSS: 0.0% (top 92.73%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 30

Description

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr

When smb1 mount fails, KASAN detects slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1 negotiate (56 bytes), init_smb2_rsp_hdr() for smb2 is called. The issue occurs while handling smb1 negotiate as smb2 server operations. Add smb server operations for smb1 (get_cmd_val, init_rsp_hdr, allocate_rsp_buf, check_user_session) to handle smb1 negotiate so that s

Affected Packages (4 packages)

Linux: linux/linux_kernel, 5.15.105, 5.15.145 (+2)
Ubuntu: linux/linux_kernel, < 5.15.0-102.112
CVEListV5: linux/linux, 51a8534c0f35c0401e45f1055f914729cad98bf9, 921536046bd165efeb07beef5630aff35cd6a489 (+6)
debian: debian/linux

🔴 Vulnerability Details (3)

OSV: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr (2025-12-30)
GHSA: GHSA-92h7-9rvh-996h: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr When smb1 mount fails, KASAN (2025-12-30)
OSV: CVE-2023-54203: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr When smb1 mount fails, KASAN de (2025-12-30)

📋 Vendor Advisories (2)

Red Hat: kernel: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr (2025-12-30)
Debian: CVE-2023-54203: linux - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix ... (2023)

🕵️ Threat Intelligence (1)

Wiz: CVE-2023-54203 Impact, Exploitability, and Mitigation Steps | Wiz