In the Linux kernel, the following vulnerability has been...
High severity
Unreviewed
Published
Feb 21, 2024
to the GitHub Advisory Database
•
Updated May 1, 2024
Description
Published by the National Vulnerability Database
Feb 21, 2024
Published to the GitHub Advisory Database
Feb 21, 2024
Last updated
May 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix out of bounds in init_smb2_rsp_hdr()
If client send smb2 negotiate request and then send smb1 negotiate
request, init_smb2_rsp_hdr is called for smb1 negotiate request since
need_neg is set to false. This patch ignore smb1 packets after ->need_neg
is set to false.
References