216.73.217.64

CVE-2023-4130

· Published 16/08/2025 14:15 · Modified 16/08/2025 14:15

Labels: CVE-2023-4130 2025-08-16416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2023-4130

Essential information

Published
16/08/2025 14:15
Modified
16/08/2025 14:15
Author
Creator
CISA KEV
No
CWE

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea() There are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request from client. ksmbd find next smb2_ea_info using ->NextEntryOffset of current smb2_ea_info. ksmbd need to validate buffer length Before accessing the next ea. ksmbd should check buffer length using buf_len, not next variable. next is the start offset of current ea that got from previous ea.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD
View on NVD

Affected products (CPE)

ProductCPE
linux / kernel cpe:2.3:o:linux:kernel:*:*:*:*:*:*:*:*

References