CVE-2023-32248

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2TREECONNECT and SMB2QUERYINFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

References

Affected packages

Git / github.com/gregkh/linux

Affected ranges

Type: GIT
Repo: https://github.com/gregkh/linux
Events: Introduced

00a2ff79c5cc8da6eeffd4a20dceee76221bcce8

Fixed

5729a900a07b7f166b94577c543d44c4c42e5ec3

Introduced

c9c3395d5e3dcc6daee66c6908354d47bf98cb0c

Fixed

ccb9e5858c7c01929b3d539b6b835b247e3934a0

Introduced

dc7089468610f429e9264420c43d5a3625fd5d8b

Fixed

fbcbf201ca98eae7adb50068c6146c596accea64

Introduced

df0cc57e057f18e44dac8e6c18aba47ab53202f9

Fixed

bf4ad6fa4e5332e53913b073d0219319a4091619

Affected versions

v5.*

v5.16

v5.17

v5.17-rc1

v5.17-rc2

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.17-rc7

v5.17-rc8

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.19

v5.19-rc1

v5.19-rc2

v5.19-rc3

v5.19-rc4

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v6.*

v6.0

v6.0-rc1

v6.0-rc2

v6.0-rc3

v6.0-rc4

v6.0-rc5

v6.0-rc6

v6.0-rc7

v6.1

v6.1-rc1

v6.1-rc2

v6.1-rc3

v6.1-rc4

v6.1-rc5

v6.1-rc6

v6.1-rc7

v6.1-rc8

v6.1.1

v6.1.10

v6.1.11

v6.1.12

v6.1.13

v6.1.14

v6.1.15

v6.1.16

v6.1.17

v6.1.18

v6.1.19

v6.1.2

v6.1.20

v6.1.21

v6.1.22

v6.1.23

v6.1.24

v6.1.25

v6.1.26

v6.1.27

v6.1.3

v6.1.4

v6.1.5

v6.1.6

v6.1.7

v6.1.8

v6.1.9

v6.2

v6.2.1

v6.2.10

v6.2.11

v6.2.12

v6.2.13

v6.2.14

v6.2.15

v6.2.16

v6.2.2

v6.2.3

v6.2.4

v6.2.5

v6.2.6

v6.2.7

v6.2.8

v6.2.9

v6.3

v6.3-rc1

v6.3-rc2

v6.3-rc3

v6.3-rc4

v6.3-rc5

v6.3-rc6

v6.3-rc7

v6.3.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-32248.json"