5.5
CVE-2023-4515
- EPSS 0.14%
- Veröffentlicht 16.08.2025 13:25:50
- Zuletzt bearbeitet 18.11.2025 17:59:02
- CVE-Watchlists
- Unerledigt
ksmbd: validate command request size
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: validate command request size
In commit 2b9b8f3b68ed ("ksmbd: validate command payload size"), except
for SMB2_OPLOCK_BREAK_HE command, the request size of other commands
is not checked, it's not expected. Fix it by add check for request
size of other commands.Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.15.121 < 5.15.127
Linux ≫ Linux Kernel Version >= 6.1.36 < 6.1.46
Linux ≫ Linux Kernel Version >= 6.3.10 < 6.4
Linux ≫ Linux Kernel Version >= 6.4.1 < 6.4.11
Linux ≫ Linux Kernel Version6.4 Update-
Linux ≫ Linux Kernel Version6.5 Updaterc1
Linux ≫ Linux Kernel Version6.5 Updaterc2
Linux ≫ Linux Kernel Version6.5 Updaterc3
Linux ≫ Linux Kernel Version6.5 Updaterc4
Linux ≫ Linux Kernel Version6.5 Updaterc5
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.033 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
https://git.kernel.org/stable/c/595679098bdcdbfbba91ebe07a2f7f208df93870
https://git.kernel.org/stable/c/c6bef3bc30fd4a175aef846b7d928a6c40d091cd
https://git.kernel.org/stable/c/ff7236b66d69582f90cf5616e63cfc3dc18142bb
https://git.kernel.org/stable/c/5aa4fda5aa9c2a5a7bac67b4a12b089ab81fee3c