8 matches found
Ubuntu: Security Advisory (USN-6725-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6725-1: Linux kernel vulnerabilities
Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service system crash or possibly...
CVE-2023-1194 affecting package kernel for versions less than 5.15.143.1-1
CVE-2023-1194 affecting package kernel for versions less than 5.15.143.1-1. A patched version of the package is available...
CVE-2023-1194
creationtimestamp| type| source ---|---|--- 2023-12-22 00:26:40+00:00| seen| https://t.me/ctinow/158084...
CVE-2023-1194
An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parseleasestate...
CVE-2023-1194 Use-after-free in parse_lease_state()
An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parseleasestate...
CVE-2023-1194
CVE-2023-1194 detail (Linux kernel KSMBD parse_lease_state) Affected component: Linux kernel with KSMBD in-kernel Samba/CIFS. Root cause: missing validation of NameOffset in parse_lease_state() allows a malformed CREATE payload to reach the create_context object, enabling out-of-bounds memory acc...
CVE-2023-1194
An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parseleasestate...