CVE-2023-1194
CVSS v3.1
8.1 (High)
EPSS
0.07 % (30th)
Affected Products
2
Advisories
2
NVD Status
Analyzed
An out-of-bounds (OOB) memory read flaw was found in parse_lease_state in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset
in the parse_lease_state()
function, the create_context
object can access invalid memory.
- CVE Status
- PUBLISHED
- NVD Status
- Analyzed
- CNA
- Red Hat, Inc.
- Published Date
-
2023-11-03 08:15:07
(10 months ago) - Updated Date
-
2024-08-21 18:20:30
(3 weeks ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...