{"id":"CVE-2023-1194","details":"An out-of-bounds (OOB) memory read flaw was found in `parse_lease_state()` in the KSMBD implementation of the in-kernel Samba server and CIFS in the Linux kernel. Because the `parse_lease_state()` function does not check `NameOffset`, an attacker who sends a CREATE command with a malformed payload to KSMBD can cause the `create_context` object to access invalid memory.","modified":"2026-03-13T06:50:33.696482Z","published":"2023-11-03T08:15:07.490Z","references":[{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2023-1194"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20231221-0006/"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2154176"},{"type":"FIX","url":"https://www.spinics.net/lists/stable-commits/msg303065.html"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"5.15"},{"fixed":"5.15.145"}]},{"events":[{"introduced":"5.16"},{"fixed":"6.1.34"}]},{"events":[{"introduced":"6.2"},{"fixed":"6.3.8"}]},{"events":[{"introduced":"0"},{"last_affected":"6.4-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"6.4-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"6.4-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"6.4-rc4"}]},{"events":[{"introduced":"0"},{"last_affected":"6.4-rc5"}]},{"events":[{"introduced":"0"},{"last_affected":"37"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-1194.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}]}