Slub Overflow Vulnerability in ksmbd_decode_ntlmssp_auth_blob()

Slub Overflow Vulnerability in ksmbd_decode_ntlmssp_auth_blob()

CVE-2023-52440 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob() If authblob->SessionKey.Length is bigger than session key size(CIFS_KEY_SIZE), slub overflow can happen in key exchange codes. cifs_arc4_crypt copy to session key array from SessionKey from client.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.