Уязвимость CVE-2023-3865

Пакет	Статус	Версия исправления	Релиз	Тип
linux	fixed	6.3.11-1		package
linux	fixed	6.1.37-1	bookworm	package
linux	not-affected		bullseye	package
linux	not-affected		buster	package

CVE-2023-3865

CVSS3: 7.1

ubuntu

6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bound read in smb2_write ksmbd_smb2_check_message doesn't validate hdr->NextCommand. If ->NextCommand is bigger than Offset + Length of smb2 write, It will allow oversized smb2 write length. It will cause OOB read in smb2_write.

CVE-2023-3865

CVSS3: 7.1

redhat

больше 2 лет назад

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bound read in smb2_write ksmbd_smb2_check_message doesn't validate hdr->NextCommand. If ->NextCommand is bigger than Offset + Length of smb2 write, It will allow oversized smb2 write length. It will cause OOB read in smb2_write.

CVE-2023-3865

CVSS3: 7.1

nvd

6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bound read in smb2_write ksmbd_smb2_check_message doesn't validate hdr->NextCommand. If ->NextCommand is bigger than Offset + Length of smb2 write, It will allow oversized smb2 write length. It will cause OOB read in smb2_write.

GHSA-mr68-gqxj-cfm9

CVSS3: 7.1

github

6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bound read in smb2_write ksmbd_smb2_check_message doesn't validate hdr->NextCommand. If ->NextCommand is bigger than Offset + Length of smb2 write, It will allow oversized smb2 write length. It will cause OOB read in smb2_write.

BDU:2023-04742

CVSS3: 7.1

fstec

больше 2 лет назад

Уязвимость функции ksmbd_smb2_check_message ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код

exploitDog

CVE-2023-3865

Описание

Пакеты

Примечания

Связанные уязвимости