CVE-2023-4130 ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()

🗓️ 16 Aug 2025 13:27:58Reported by LinuxType

ksmbd fixes wrong next length validation of extended attributes buffer in smb2_set_ea

Reporter	Title	Published	Views	Family All 52
AstraLinux	Astra Linux - уязвимость в linux-5.15	20 May 202605:53	–	astralinux
GithubExploit	Exploit for CVE-2023-4130	12 Sep 202501:25	–	githubexploit
Circl	CVE-2023-4130	17 Aug 202500:13	–	circl
CNNVD	Linux kernel 安全漏洞	16 Aug 202500:00	–	cnnvd
CVE	CVE-2023-4130	16 Aug 202513:27	–	cve
Debian CVE	CVE-2023-4130	16 Aug 202513:27	–	debiancve
NVD	CVE-2023-4130	16 Aug 202514:15	–	nvd
OpenVAS	openSUSE Security Advisory (SUSE-SU-2025:03272-1)	22 Sep 202500:00	–	openvas
OpenVAS	openSUSE Security Advisory (SUSE-SU-2025:03301-1)	25 Sep 202500:00	–	openvas
OpenVAS	openSUSE Security Advisory (SUSE-SU-2025:03634-1)	20 Oct 202500:00	–	openvas

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/server/smb2pdu.c"
    ],
    "versions": [
      {
        "version": "0626e6641f6b467447c81dd7678a69c66f7746cf",
        "lessThan": "aeb974907642be095e38ecb1a400ca583958b2b0",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0626e6641f6b467447c81dd7678a69c66f7746cf",
        "lessThan": "f339d76a3a972601d0738b881b099d49ebbdc3a2",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0626e6641f6b467447c81dd7678a69c66f7746cf",
        "lessThan": "4bf629262f9118ee91b1c3a518ebf2b3bcb22180",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0626e6641f6b467447c81dd7678a69c66f7746cf",
        "lessThan": "79ed288cef201f1f212dfb934bcaac75572fb8f6",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/server/smb2pdu.c"
    ],
    "versions": [
      {
        "version": "5.15",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.15",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.127",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.46",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.4.11",
        "lessThanOrEqual": "6.4.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.5",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/f339d76a3a972601d0738b881b099d49ebbdc3a2
git	www.git.kernel.org/stable/c/4bf629262f9118ee91b1c3a518ebf2b3bcb22180
git	www.git.kernel.org/stable/c/aeb974907642be095e38ecb1a400ca583958b2b0
git	www.git.kernel.org/stable/c/79ed288cef201f1f212dfb934bcaac75572fb8f6

11 May 2026 19:27Current

EPSS0.00009