Vulnerabilities of the functions check_session_id(), smb2_check_user_session(), smb2_sess_setup(), smb2_session_logoff(), smb3_decrypt_req(), ksmbd_session_lookup(), ksmbd_session_lookup_slowpath(), and ksmbd_get_encryption_key() in the Linux operating system kernel, allowing a hacker to cause a service failure.

The vulnerabilities of the functions checksessionid, smb2checkusersession, smb2sesssetup, smb2sessionlogoff, smb3decryptreq, ksmbdsessionlookup, ksmbdsessionlookupslowpath, and ksmbdgetencryptionkey in the Linux operating system are related to improper locking mechanisms. Exploiting these...

CVE-2023-52442

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate session id and tree id in compound request smb2getmsg in smb2getksmbdtcon and smb2checkusersession will always return the first request smb2 header in a compound request. if SMB2TREECONNECTHE is the first command ...

CVE-2023-52442 ksmbd: validate session id and tree id in compound request

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate session id and tree id in compound request smb2getmsg in smb2getksmbdtcon and smb2checkusersession will always return the first request smb2 header in a compound request. if SMB2TREECONNECTHE is the first command ...