Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-47941: ksmbd: fix memory leak in smb2_handle_negotiate · torvalds/linux@aa7253c

An issue was discovered in ksmbd in the Linux kernel before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2_handle_negotiate error conditions, aka a memory leak.

CVE
#microsoft#linux#samba#auth

Browse files

ksmbd: fix memory leak in smb2_handle_negotiate

The allocated memory didn’t free under an error path in smb2_handle_negotiate().

Fixes: e2f3448 (“cifsd: add server-side procedures for SMB3”) Cc: stable@vger.kernel.org Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-17815 Signed-off-by: Namjae Jeon linkinjeon@kernel.org Reviewed-by: Hyunchul Lee hyc.lee@gmail.com Signed-off-by: Steve French stfrench@microsoft.com

  • Loading branch information

namjaejeon authored and Steve French committed

Aug 1, 2022

1 parent af7c39d commit aa7253c2393f6dcd6a1468b0792f6da76edad917

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda