Bug 1213422 (CVE-2023-38427)

Summary: VUL-0: CVE-2023-38427: kernel-source-rt,kernel-source,kernel-source-azure: out-of-bound read in deassemble_neg_contexts()
Product: [Novell Products] SUSE Security Incidents Reporter: Thomas Leroy <thomas.leroy>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: jlee, security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/372753/
Whiteboard:
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Thomas Leroy 2023-07-18 10:07:45 UTC 
CVE-2023-38427

An issue was discovered in the Linux kernel before 6.3.8.
fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read
in deassemble_neg_contexts.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38427
https://www.cve.org/CVERecord?id=CVE-2023-38427
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.8
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=f1a411873c85b642f13b01f21b534c2bab81fc1b
Comment 1 Thomas Leroy 2023-07-18 10:09:29 UTC 
Only stable ships ksmbd but it already has the fix
Comment 2 Joey Lee 2023-07-24 07:00:45 UTC 
(In reply to Thomas Leroy from comment #1)
> Only stable ships ksmbd but it already has the fix

commit f1a411873c85b642f13b01f21b534c2bab81fc1b         [v6.4-rc6~2^2~4]
Author: Namjae Jeon <linkinjeon@kernel.org>
Date:   Sun May 28 00:23:09 2023 +0900

    ksmbd: fix out-of-bound read in deassemble_neg_contexts()


update status:

stable        [v6.4, already included]

reset assigner
Comment 3 Gabriele Sonnu 2024-06-07 15:18:21 UTC 
All, done,, closing.