=== ebarretto_ is now known as ebarretto | ||
Guest16 | Hi Ubuntu Security Team, As per https://ubuntu.com/security/CVE-2023-38430 , is it correct to say that CVE-2023-38430 is applicable only when ksmbd-tools package is installed? | 12:55 |
---|---|---|
-ubottu:#ubuntu-security- An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38430> | 12:55 | |
mdeslaur | Guest16: the kernel interface is likely still vulnerable even if you don't have the userspace tools installed | 12:58 |
JanC | considering it (potentially) results in KASAN warnings (or panics, depending on config) that seems very likely | 14:43 |
sdeziel | the CVE link has a note saying: > needs ksmbd-tools installed to enable the service, which is not installed by default. | 14:45 |
JanC | there are no other applications that can enable it? | 14:48 |
mdeslaur | I mean, an attacker could poke at the kernel interface directly without the userspace tools | 14:54 |
mdeslaur | not sure how "applicable" we're looking for | 14:55 |
mdeslaur | "will my kernel crash by itself" vs "can an attacker crash my kernel even without the userspace tools installed" | 14:56 |
teward | security team, a question regarding the OVALs came by - https://askubuntu.com/questions/1504371/ubuntu-22-04-lts-oval-missing-version-check-for-vulnerability-in-older-kernel - not sure if this is relevant or if Security wants to respond authoritatively | 17:40 |
ebarretto | teward, thanks for the heads up. I'm already eod but I will reply to it first thing tomorrow | 18:28 |
teward | ebarretto: no worries, just wanted to put it on the radar i'll respond that I pushed it to the Security team for handling and they're projecting to reply in the next 24 hours | 23:26 |
teward | ebarretto: i see you already put in a reply and it got a downvote so I tossed a grenade into the ring with the "This is an official response by a member of the Ubuntu Security Team, if you downvote you should explain why" xD | 23:30 |