Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-22705

Опубликовано: 23 янв. 2024
Источник: debian

Описание

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed6.6.11-1package
linuxfixed6.1.76-1bookwormpackage
linuxnot-affectedbullseyepackage
linuxnot-affectedbusterpackage

Примечания

  • https://git.kernel.org/linus/d10c77873ba1e9e6b91905018e29e196fd5f863d (6.7-rc8)

Связанные уязвимости

ubuntu логотип

CVE-2024-22705

CVSS3: 7.8
ubuntu
больше 1 года назад

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled.

redhat логотип

CVE-2024-22705

CVSS3: 7.8
redhat
больше 1 года назад

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled.

nvd логотип

CVE-2024-22705

CVSS3: 7.8
nvd
больше 1 года назад

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled.

github логотип

GHSA-2572-4xw7-mcfc

CVSS3: 7.8
github
больше 1 года назад

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled.

fstec логотип

BDU:2024-00836

CVSS3: 7.8
fstec
больше 1 года назад

Уязвимость функции smb2_get_data_area_len (fs/smb/server/smb2misc.c) файловой системы KSMBD ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации.