Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-38428HistoryJul 18, 2023 - 12:15 a.m.
CVE-2023-38428
2023-07-1800:15:09
Debian Security Bug Tracker
security-tracker.debian.org
8
linux kernel
username
security buffer
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
0.001 Low
EPSS
Percentile
46.0%
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 6.1.37-1 | linux_6.1.37-1_all.deb |
| Debian | 11 | all | linux | < 5.10.209-2 | linux_5.10.209-2_all.deb |
| Debian | 10 | all | linux | < 4.19.249-2 | linux_4.19.249-2_all.deb |
| Debian | 999 | all | linux | < 6.3.7-1 | linux_6.3.7-1_all.deb |
| Debian | 13 | all | linux | < 6.3.7-1 | linux_6.3.7-1_all.deb |
Related
cbl_mariner
cbl_mariner
CVE-2023-38428 affecting package kernel for versions less than 5.15.122.1-2
2023-08-10 16:37:57
CVE-2023-38428 affecting package kernel 5.10.185.1-1
2023-08-15 16:37:27
cvelist
cvelist
CVE-2023-38428
2023-07-17 00:00:00
ubuntucve
ubuntucve
CVE-2023-38428
2023-07-18 00:00:00
cve
cve
CVE-2023-38428
2023-07-18 00:15:09
nvd
nvd
CVE-2023-38428
2023-07-18 00:15:09
cnvd
cnvd
Linux kernel smb2pdu.c file out-of-bounds read vulnerability
2023-07-19 00:00:00
prion
prion
Out-of-bounds
2023-07-18 00:15:00
openvas
openvas
Ubuntu: Security Advisory (USN-6339-1)
2023-09-06 00:00:00
Ubuntu: Security Advisory (USN-6350-1)
2023-09-07 00:00:00
Ubuntu: Security Advisory (USN-6351-1)
2023-09-07 00:00:00
ubuntu
ubuntu
Linux kernel (Intel IoTG) vulnerabilities
2023-09-18 00:00:00
Linux kernel vulnerabilities
2023-09-11 00:00:00
Linux kernel (GKE) vulnerabilities
2023-09-06 00:00:00
nessus
nessus
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6339-1)
2023-09-05 00:00:00
Ubuntu 22.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6339-4)
2023-09-18 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6350-1)
2023-09-06 00:00:00
osv
osv
linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-raspi vulnerabilities
2023-09-11 18:34:01
linux-gke, linux-gkeop vulnerabilities
2023-09-06 21:41:12
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
0.001 Low
EPSS
Percentile
46.0%
Related for DEBIANCVE:CVE-2023-38428