Lucene search
K

1851 matches found

OSV
OSV
added 2023/07/24 4:15 p.m.2 views

UBUNTU-CVE-2023-32257

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage th...

8.1CVSS6.9AI score0.02393EPSS
Exploits0References12
OSV
OSV
added 2023/07/24 4:15 p.m.0 views

UBUNTU-CVE-2023-32252

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2LOGOFF commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to creat...

7.5CVSS6.8AI score0.0406EPSS
Exploits0References12
OSV
OSV
added 2023/07/24 4:15 p.m.2 views

UBUNTU-CVE-2023-32258

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...

8.1CVSS6.9AI score0.02495EPSS
Exploits0References9
OSV
OSV
added 2023/07/24 4:15 p.m.2 views

UBUNTU-CVE-2023-32247

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2SESSIONSETUP commands. The issue results from the lack of control of resource consumption. An attacker can leverage this vulnerability to create a...

7.5CVSS6.8AI score0.03872EPSS
Exploits0References12
CNNVD
CNNVD
added 2023/07/24 12:0 a.m.6 views

Linux kernel 安全漏洞

Linux Kernel is a popular operating system. A resource exhaustion vulnerability exists in the Linux Kernel ksmbd handling SMB2SESSIONSETUP, which can be exploited by a remote attacker to submit a special request that can crash the system and cause a denial of service attack...

7.5CVSS8.4AI score0.03872EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/07/24 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from flaws in the handling of the SMB2LOGOFF and SMB2CLOSE commands, which lack proper locking when performing operations on objects, and...

8.1CVSS7.4AI score0.02495EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/07/24 12:0 a.m.6 views

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation. A security vulnerability exists in the Linux kernel that stems from flaws in the handling of the SMB2TREECONNECT and SMB2QUERYINFO commands, which lack proper validation of pointers before they are...

7.5CVSS7.1AI score0.0406EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/07/24 12:0 a.m.5 views

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which stems from a flaw in the handling of the SMB2LOGOFF command, which lacks proper validation of pointers before they are accessed, and which can b...

7.5CVSS6.9AI score0.0406EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/07/23 12:0 a.m.6 views

PT-2023-8703 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is related to the improper validation of session id and tree id in compound requests in the Linux kernel's ksmbd module. Specifically, the smb2 get msg function in smb2 get...

9.8CVSS6.8AI score0.17442EPSS
Exploits0References170
CNNVD
CNNVD
added 2023/07/20 12:0 a.m.2 views

Samba 安全漏洞

Samba is a standard Windows interoperability program suite for Linux and Unix. A security vulnerability exists in Samba that originates from incorrectly enforcing SMB2 packet signatures. An attacker could exploit this vulnerability to obtain or modify sensitive information...

5.9CVSS6.7AI score0.0039EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/07/19 2:2 a.m.3 views

SUSE CVE-2023-38430

An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read...

9.1CVSS6.7AI score0.01059EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/19 12:0 a.m.8 views

PT-2023-8786 · Samba +8 · Samba +8

Name of the Vulnerable Software and Affected Versions: Samba affected versions not specified Description: A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domai...

9.8CVSS7AI score0.62606EPSS
Exploits5References129
ATTACKERKB
ATTACKERKB
added 2023/07/18 12:15 a.m.3 views

CVE-2023-38431

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdusize in ksmbdconnhandlerloop, leading to an out-of-bounds read...

9.1CVSS6.8AI score0.01059EPSS
Exploits0References4
OSV
OSV
added 2023/07/18 12:15 a.m.1 views

DEBIAN-CVE-2023-38427

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemblenegcontexts...

9.8CVSS6.8AI score0.01129EPSS
Exploits0References1
OSV
OSV
added 2023/07/18 12:15 a.m.2 views

DEBIAN-CVE-2023-38430

An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read...

9.1CVSS6.5AI score0.01059EPSS
Exploits0References1
OSV
OSV
added 2023/07/18 12:15 a.m.6 views

AZL-27534 CVE-2023-38430 affecting package kernel for versions less than 5.15.122.1-2

An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read...

9.1CVSS6.7AI score0.01059EPSS
Exploits0References1
OSV
OSV
added 2023/07/18 12:15 a.m.2 views

UBUNTU-CVE-2023-38431

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdusize in ksmbdconnhandlerloop, leading to an out-of-bounds read...

9.1CVSS6.8AI score0.01059EPSS
Exploits0References9
OSV
OSV
added 2023/07/18 12:15 a.m.4 views

UBUNTU-CVE-2023-38430

An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read...

9.1CVSS6.7AI score0.01059EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.8 views

PT-2023-8718 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is related to the ksmbd module in the Linux kernel, where an out-of-bounds condition occurs in the init smb2 rsp hdr function when handling the need neg parameter set to fals...

10CVSS6.5AI score0.71737EPSS
Exploits53References379
CNNVD
CNNVD
added 2023/07/17 12:0 a.m.3 views

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in versions of Linux kernel prior to 6.3.10, which stems from the fact that fs/smb/server/smb2misc.c does not validate the relationsh...

9.1CVSS8.7AI score0.02378EPSS
Exploits0References10
Rows per page
Query Builder