CVE-2023-54250

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-54250
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54250.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-54250
Downstream
Published
2025-12-30T12:15:47.467Z
Modified
2026-04-02T09:45:42.401360Z
Summary
ksmbd: avoid out of bounds access in decode_preauth_ctxt()
Details

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: avoid out of bounds access in decodepreauthctxt()

Confirm that the accessed pnegctxt->HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts() only checks that the eight byte smb2neg_context header + (client controlled) DataLength are within the packet boundary, which is insufficient.

Checking for sizeof(struct smb2preauthnegcontext) is overkill given that the type currently assumes SMB311SALT_SIZE bytes of trailing Salt.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54250.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9
Fixed
39f5b4b313b445c980a2a295bed28228c29228ed
Fixed
a2f6ded41bec1d3be643c80a5eb97f1680309001
Fixed
f02edb9debbd36f44efa7567031485892c7df60d
Fixed
e7067a446264a7514fa1cfaa4052cdb6803bc6a2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54250.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.0
Fixed
5.15.145
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.25
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.2.12

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54250.json"