SMB: Linux Kernel ksmbd Session Key Exchange Heap Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Linux Kernel. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of kernel space of the target server.
Extended Description
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob() If authblob->SessionKey.Length is bigger than session key size(CIFS_KEY_SIZE), slub overflow can happen in key exchange codes. cifs_arc4_crypt copy to session key array from SessionKey from client.
Affected Products
Linux linux_kernel
Short Name
SMB:OF:LINUX-KSMDB-KEYEXCHNG-BO
Severity
Major
Recommended
True
Recommended Action
None
Category
SMB
Keywords
Buffer CVE-2023-52440 Exchange Heap Kernel Key Linux Overflow Session ksmbd
Release Date
05/31/2024
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
Sigpack Version
3710
False Positive
Unknown
Vendors
Linux