{"id":"CVE-2023-3867","summary":"ksmbd: fix out of bounds read in smb2_sess_setup","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix out of bounds read in smb2_sess_setup\n\nksmbd does not consider the case of that smb2 session setup is\nin compound request. If this is the second payload of the compound,\nOOB read issue occurs while processing the first payload in\nthe smb2_sess_setup().","modified":"2026-04-02T09:07:52.469609Z","published":"2025-08-16T13:29:51.946Z","related":["SUSE-SU-2025:03272-1","SUSE-SU-2025:03290-1","SUSE-SU-2025:03301-1","SUSE-SU-2025:03382-1","SUSE-SU-2025:03602-1","SUSE-SU-2025:03633-1","SUSE-SU-2025:03634-1","SUSE-SU-2025:20653-1","SUSE-SU-2025:20669-1","SUSE-SU-2025:20739-1","SUSE-SU-2025:20756-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/3xxx/CVE-2023-3867.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/2ba03cecb12ac7ac9e0170e251543c56832d9959"},{"type":"WEB","url":"https://git.kernel.org/stable/c/676392184785ace61e939831e7ca44a03d438c3b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/98422bdd4cb3ca4d08844046f6507d7ec2c2b8d8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ef572ffa8eb44111eed2925fbb2adca78bdcbf61"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/3xxx/CVE-2023-3867.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3867"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0626e6641f6b467447c81dd7678a69c66f7746cf"},{"fixed":"676392184785ace61e939831e7ca44a03d438c3b"},{"fixed":"ef572ffa8eb44111eed2925fbb2adca78bdcbf61"},{"fixed":"2ba03cecb12ac7ac9e0170e251543c56832d9959"},{"fixed":"98422bdd4cb3ca4d08844046f6507d7ec2c2b8d8"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-3867.json"}}],"schema_version":"1.7.5"}