CVE-2023-38431
CVSS v3.1
9.1 (Critical)
EPSS
0.15 % (52th)
Affected Products
6
Advisories
4
NVD Status
Analyzed
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read.
Weaknesses
- CWE-125
- Out-of-bounds Read
- CVE Status
- PUBLISHED
- NVD Status
- Analyzed
- CNA
- MITRE
- Published Date
-
2023-07-18 00:15:09
(14 months ago) - Updated Date
-
2024-06-18 15:10:03
(3 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...