China National Vulnerability Database (CNVD): CNVD-2023-72241
History: Jul 19, 2023 - 12:00 a.m.

Linux kernel smb2misc.c file out-of-bounds read vulnerability

www.cnvd.org.cn
Tags: linux kernel, smb2misc.c, out-of-bounds read, vulnerability, fs, smb, server, exploit, attacker, rfc1002, length specification

EPSS: 0.001 (Low)
Percentile: 45.9%

The Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in Linux kernel versions prior to 6.3.10. It arises because fs/smb/server/smb2misc.c does not validate the relationship between the command payload size and the RFC1002 length specification, and an attacker can exploit it to cause an out-of-bounds read.

| CPE | Name | Operator | Version |
|---|---|---|---|
| linux | linux kernel | lt | 6.3.10 |