retired/CVE-2023-0210


1
2
3
4
5
6
7
8
9
10
11
12

Description: ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in ksmbd_decode_ntlmssp_auth_blob
References:
 https://www.openwall.com/lists/oss-security/2023/01/04/1
Notes:
 carnil> For 6.1.y fixed in 6.1.5.
Bugs:
upstream: released (6.2-rc4) [797805d81baa814f76cf7bdab35f86408a79d707]
5.10-upstream-stable: N/A "Vulnerable code not present"
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.1.7-1)
5.10-bullseye-security: N/A "Vulnerable code not present"
4.19-buster-security: N/A "Vulnerable code not present"