CVE-2023-52755

HIGH

Linux Kernel 5.15-5.15.140 - Out-of-bounds Write in ksmbd smb_inherit_dacl()

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab out of bounds write in smb_inherit_dacl() slab out-of-bounds write is caused by that offsets is bigger than pntsd allocation size. This patch add the check to validate 3 offsets using allocation size.

References (5)

Core 5

Core References

Patch

https://git.kernel.org/stable/c/aaf0a07d60887d6c36fc46a24de0083744f07819

Patch

https://git.kernel.org/stable/c/8387c94d73ec66eb597c7a23a8d9eadf64bfbafa

Patch

https://git.kernel.org/stable/c/09d9d8b40a3338193619c14ed4dc040f4f119e70

Patch

https://git.kernel.org/stable/c/712e01f32e577e7e48ab0adb5fe550646a3d93cb

Patch

https://git.kernel.org/stable/c/eebff19acaa35820cb09ce2ccb3d21bee2156ffb

Scores

CVSS v3 8.4

EPSS 0.2686

EPSS Percentile 97.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-787

Status published

Products (13)

Linux/Linux < 5.15

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - 09d9d8b40a3338193619c14ed4dc040f4f119e70

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - 712e01f32e577e7e48ab0adb5fe550646a3d93cb

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - 8387c94d73ec66eb597c7a23a8d9eadf64bfbafa

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - aaf0a07d60887d6c36fc46a24de0083744f07819

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - eebff19acaa35820cb09ce2ccb3d21bee2156ffb

Linux/Linux 5.15

Linux/Linux 5.15.140 - 5.15.*

Linux/Linux 6.1.64 - 6.1.*

Linux/Linux 6.5.13 - 6.5.*

... and 3 more

Published May 21, 2024

Tracked Since Feb 18, 2026