CVE-2023-38429

CVSS v3.1 9.8 (Critical)

EPSS 0.19 % (56^th)

Affected Products 1

Advisories 9

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation (because of ksmbd_smb2_check_message) that may lead to out-of-bounds access.

Weaknesses

CWE-193: Off-by-one Error

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2023-07-18 00:15:09
(14 months ago)
Updated Date: 2023-12-22 21:34:39
(8 months ago)

Affected Products

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel from 5.15 version and prior 5.15.113 version	cpe:2.3:o:linux:linux_kernel	>= 5.15	< 5.15.113
Linux Kernel from 5.16 version and prior 6.1.30 version	cpe:2.3:o:linux:linux_kernel	>= 5.16	< 6.1.30
Linux Kernel from 6.2 version and prior 6.3.4 version	cpe:2.3:o:linux:linux_kernel	>= 6.2	< 6.3.4