CVE-2023-54250
Out-of-Bounds Access in Linux Kernel ksmbd SMB2 Neg Context
Publication date: 2025-12-30
Last updated on: 2025-12-30
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel's ksmbd component involves an out-of-bounds access in the decode_preauth_ctxt() function. Specifically, the code did not properly confirm that the accessed HashAlgorithms address was within the SMB request boundary, leading to potential memory access issues. The existing check only verified the SMB2 negotiation context header and client-controlled DataLength, which was insufficient to prevent out-of-bounds access.
How can this vulnerability impact me? :
The vulnerability could lead to out-of-bounds memory access, which may cause system instability, crashes, or potentially allow an attacker to read or manipulate memory beyond intended boundaries. This could be exploited to compromise system security or cause denial of service.