In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in alloc_preauth_hash() The…
Linux·CWE-476·Published 2025-04-16
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in alloc_preauth_hash() The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn->preauth_info is not allocated. This patch add KSMBD_SESS_NEED_SETUP status of connection to ignore session setup request if smb2 negotiate phase is not complete.
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in alloc_preauth_hash() The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn->preauth_info is not allocated. This patch add KSMBD_SESS_NEED_SETUP status of connection to ignore session setup request if smb2 negotiate phase is not complete.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ksmbd: se corrige la desreferencia de puntero nulo en alloc_preauth_hash(). El cliente envía una solicitud de negociación de SMB2 mal formada. ksmbd devuelve una respuesta de error. Posteriormente, el cliente puede enviar la configuración de sesión de SMB2 incluso si conn->preauth_info no está asignado. Este parche añade el estado de conexión KSMBD_SESS_NEED_SETUP para ignorar la solicitud de configuración de sesión si la fase de negociación de SMB2 no se completa.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | NVD | 5.5 | 1.8 | 3.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |