CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

An issue was discovered in ksmbd in the Linux kernel before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2_handle_negotiate error conditions, aka a memory leak.

Browse files

ksmbd: fix memory leak in smb2\_handle\_negotiate

The allocated memory didn't free under an error
path in smb2\_handle\_negotiate().

Fixes: e2f3448 ("cifsd: add server-side procedures for SMB3")
Cc: stable@vger.kernel.org
Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-17815
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Reviewed-by: Hyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: Steve French <stfrench@microsoft.com>

*   Loading branch information

namjaejeon authored and Steve French committed

Aug 1, 2022

1 parent af7c39d commit aa7253c2393f6dcd6a1468b0792f6da76edad917

Headline

CVE-2022-47941: ksmbd: fix memory leak in smb2_handle_negotiate · torvalds/linux@aa7253c

CVE: Latest News