CVE-2023-52441: 
Linux Debian vulnerability analysis and mitigation

CVE-2023-52441 is a vulnerability in the Linux kernel's ksmbd component, discovered and disclosed in 2023. The vulnerability affects Linux kernel versions from 5.15.0 up to (excluding) 5.15.145, from 5.16.0 up to (excluding) 6.1.53, and from 6.2.0 up to (excluding) 6.4.16. The issue occurs in the init_smb2_rsp_hdr() function when a client sends an SMB2 negotiate request followed by an SMB1 negotiate request (NVD).

The vulnerability is an out-of-bounds memory access issue in the init_smb2_rsp_hdr() function of the ksmbd component. The problem occurs because when a client sends an SMB2 negotiate request followed by an SMB1 negotiate request, init_smb2_rsp_hdr is called for the SMB1 negotiate request since need_neg is set to false. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access required with low attack complexity (NVD).

The vulnerability could potentially lead to out-of-bounds memory access in the Linux kernel, which could result in high impacts on confidentiality, integrity, and availability of the affected system. This is reflected in the CVSS scoring which assigns high impact ratings for all three security objectives (NVD).

The vulnerability has been fixed in Linux kernel versions 5.15.145, 6.1.53, and 6.4.16. The fix involves ignoring SMB1 packets after need_neg is set to false. The patch has been implemented across multiple kernel versions and distributions. Ubuntu has released fixes for various kernel versions including 5.15.0-102.112 for 22.04 LTS and 5.15.0-1057.63 for AWS systems (Ubuntu).