exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

CVE-2024-26980

около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf If ->ProtocolId is SMB2_TRANSFORM_PROTO_NUM, smb2 request size validation could be skipped. if request size is smaller than sizeof(struct smb2_query_info_req), slab-out-of-bounds read can happen in smb2_allocate_rsp_buf(). This patch allocate response buffer after decrypting transform request. smb3_decrypt_req() will validate transform request size and avoid slab-out-of-bound in smb2_allocate_rsp_buf().

CVSS3: 5.5

EPSS: Низкий

CVE-2024-26980

около 1 года назад

CVSS3: 5.5

EPSS: Низкий

CVE-2024-26980

около 1 года назад

CVSS3: 5.5

EPSS: Низкий

CVE-2024-26980

около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: k ...

CVSS3: 5.5

EPSS: Низкий

GHSA-rmx7-cw76-79w4

около 1 года назад

CVSS3: 5.5

EPSS: Низкий

BDU:2024-03640

около 1 года назад

Уязвимость функции __handle_ksmbd_work() реализации сетевого протокола SMB (Server Message Block) внутриядерного CIFS/SMB3-сервера ksmbd server ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 5.5

EPSS: Низкий

ROS-20240927-07

9 месяцев назад

Множественные уязвимости kernel-lt

CVSS3: 9.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-26980 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf If ->ProtocolId is SMB2_TRANSFORM_PROTO_NUM, smb2 request size validation could be skipped. if request size is smaller than sizeof(struct smb2_query_info_req), slab-out-of-bounds read can happen in smb2_allocate_rsp_buf(). This patch allocate response buffer after decrypting transform request. smb3_decrypt_req() will validate transform request size and avoid slab-out-of-bound in smb2_allocate_rsp_buf().	CVSS3: 5.5	0% Низкий	около 1 года назад
CVE-2024-26980 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf If ->ProtocolId is SMB2_TRANSFORM_PROTO_NUM, smb2 request size validation could be skipped. if request size is smaller than sizeof(struct smb2_query_info_req), slab-out-of-bounds read can happen in smb2_allocate_rsp_buf(). This patch allocate response buffer after decrypting transform request. smb3_decrypt_req() will validate transform request size and avoid slab-out-of-bound in smb2_allocate_rsp_buf().	CVSS3: 5.5	0% Низкий	около 1 года назад
CVE-2024-26980 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf If ->ProtocolId is SMB2_TRANSFORM_PROTO_NUM, smb2 request size validation could be skipped. if request size is smaller than sizeof(struct smb2_query_info_req), slab-out-of-bounds read can happen in smb2_allocate_rsp_buf(). This patch allocate response buffer after decrypting transform request. smb3_decrypt_req() will validate transform request size and avoid slab-out-of-bound in smb2_allocate_rsp_buf().	CVSS3: 5.5	0% Низкий	около 1 года назад
CVE-2024-26980 In the Linux kernel, the following vulnerability has been resolved: k ...	CVSS3: 5.5	0% Низкий	около 1 года назад
GHSA-rmx7-cw76-79w4 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf If ->ProtocolId is SMB2_TRANSFORM_PROTO_NUM, smb2 request size validation could be skipped. if request size is smaller than sizeof(struct smb2_query_info_req), slab-out-of-bounds read can happen in smb2_allocate_rsp_buf(). This patch allocate response buffer after decrypting transform request. smb3_decrypt_req() will validate transform request size and avoid slab-out-of-bound in smb2_allocate_rsp_buf().	CVSS3: 5.5	0% Низкий	около 1 года назад
BDU:2024-03640 Уязвимость функции __handle_ksmbd_work() реализации сетевого протокола SMB (Server Message Block) внутриядерного CIFS/SMB3-сервера ksmbd server ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 5.5	0% Низкий	около 1 года назад
ROS-20240927-07 Множественные уязвимости kernel-lt	CVSS3: 9.1		9 месяцев назад

Уязвимостей на страницу