-
CVE-2023-54250
- EPSS 0.03%
- Veröffentlicht 30.12.2025 12:15:47
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ksmbd: avoid out of bounds access in decode_preauth_ctxt()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decode_preauth_ctxt() Confirm that the accessed pneg_ctxt->HashAlgorithms address sits within the SMB request boundary; deassemble_neg_contexts() only checks that the eight byte smb2_neg_context header + (client controlled) DataLength are within the packet boundary, which is insufficient. Checking for sizeof(struct smb2_preauth_neg_context) is overkill given that the type currently assumes SMB311_SALT_SIZE bytes of trailing Salt.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9
Version <
39f5b4b313b445c980a2a295bed28228c29228ed
Status
affected
Version
e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9
Version <
a2f6ded41bec1d3be643c80a5eb97f1680309001
Status
affected
Version
e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9
Version <
f02edb9debbd36f44efa7567031485892c7df60d
Status
affected
Version
e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9
Version <
e7067a446264a7514fa1cfaa4052cdb6803bc6a2
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.15
Status
affected
Version
0
Version <
5.15
Status
unaffected
Version <=
5.15.*
Version
5.15.145
Status
unaffected
Version <=
6.1.*
Version
6.1.25
Status
unaffected
Version <=
6.2.*
Version
6.2.12
Status
unaffected
Version <=
*
Version
6.3
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.099 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|