{"id":"CVE-2023-4515","summary":"ksmbd: validate command request size","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate command request size\n\nIn commit 2b9b8f3b68ed (\"ksmbd: validate command payload size\"), except\nfor SMB2_OPLOCK_BREAK_HE command, the request size of other commands\nis not checked, it's not expected. Fix it by add check for request\nsize of other commands.","modified":"2026-03-20T12:30:46.742898Z","published":"2025-08-16T13:25:50.562Z","related":["SUSE-SU-2025:03272-1","SUSE-SU-2025:03290-1","SUSE-SU-2025:03301-1","SUSE-SU-2025:03382-1","SUSE-SU-2025:03602-1","SUSE-SU-2025:03633-1","SUSE-SU-2025:03634-1","SUSE-SU-2025:20653-1","SUSE-SU-2025:20669-1","SUSE-SU-2025:20739-1","SUSE-SU-2025:20756-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/4xxx/CVE-2023-4515.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/595679098bdcdbfbba91ebe07a2f7f208df93870"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5aa4fda5aa9c2a5a7bac67b4a12b089ab81fee3c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c6bef3bc30fd4a175aef846b7d928a6c40d091cd"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ff7236b66d69582f90cf5616e63cfc3dc18142bb"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/4xxx/CVE-2023-4515.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4515"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"35f450f54dca1519bb24faacd0428db09f89a11f"},{"fixed":"595679098bdcdbfbba91ebe07a2f7f208df93870"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"9650cf70ec9d94ff34daa088b643229231723c26"},{"fixed":"c6bef3bc30fd4a175aef846b7d928a6c40d091cd"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2b9b8f3b68edb3d67d79962f02e26dbb5ae3808d"},{"fixed":"ff7236b66d69582f90cf5616e63cfc3dc18142bb"},{"fixed":"5aa4fda5aa9c2a5a7bac67b4a12b089ab81fee3c"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"768caf4019f0391c0b6452afe34cea1704133f7b"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-4515.json"}}],"schema_version":"1.7.5"}