CVE-2023-38431

2023-07-1800:15:09

CWE-125

[email protected]

web.nvd.nist.gov

linux kernel

ksmbd

out-of-bounds read

netbios

smb header

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

EPSS

0.002

Percentile

52.0%

JSON

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header’s length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read.

Affected configurations

Nvd

Node

linuxlinux_kernelRange5.15–5.15.145

linuxlinux_kernelRange5.16–6.1.34

linuxlinux_kernelRange6.2–6.3.8

Node

netappsolidfire_\&_hci_management_nodeMatch-

netapph300sMatch-

netapph410sMatch-

netapph500sMatch-

netapph700sMatch-

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
netappsolidfire_\&_hci_management_node-cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
netapph300s-cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
netapph410s-cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
netapph500s-cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
netapph700s-cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
netapp	solidfire_\&_hci_management_node	-	cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:::::::*
netapp	h300s	-	cpe:2.3:h:netapp:h300s:-:::::::*
netapp	h410s	-	cpe:2.3:h:netapp:h410s:-:::::::*
netapp	h500s	-	cpe:2.3:h:netapp:h500s:-:::::::*
netapp	h700s	-	cpe:2.3:h:netapp:h700s:-:::::::*