摘要:
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header s length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read.
安全等级: Low
公告ID: KylinSec-SA-2023-1582
发布日期: 2023年8月1日
关联CVE: CVE-2023-38431
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header s length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read.
cve名称 | 产品 | 组件 | 是否受影响 |
---|---|---|---|
CVE-2023-38431 | KY3.4-4A | kernel | Unaffected |
CVE-2023-38431 | KY3.4-5 | kernel | Unaffected |
CVE-2023-38431 | KY3.5.1 | kernel | Unaffected |