Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:ksmbd: fix null pointer dereference error in generate_encryptionkeyIf client send two session setups with krb5 authenticate to ksmbd,null pointer dereference error in generate_encryptionkey could happen.sess->Preauth_HashValue is set to NULL if session is valid.So this patch skip generate encryption key if session is valid.
No PoCs from references.
- https://github.com/ARPSyndicate/cve-scores