12 matches found
USN-6725-1: Linux kernel vulnerabilities
Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service system crash or possibly...
K000138511: Linux kernel vulnerability CVE-2023-38427
Security Advisory Description An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemblenegcontexts. CVE-2023-38427 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
USN-6466-1: Linux kernel (NVIDIA) vulnerabilities
Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...
Ubuntu 22.04 LTS / 23.04 : Linux kernel vulnerabilities (USN-6412-1)
The remote Ubuntu 22.04 LTS / 23.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6412-1 advisory. Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- fre...
CVE-2023-38427 affecting package kernel 5.10.185.1-1
CVE-2023-38427 affecting package kernel 5.10.185.1-1. A patched version of the package is available...
CVE-2023-38427 affecting package kernel for versions less than 5.15.122.1-2
CVE-2023-38427 affecting package kernel for versions less than 5.15.122.1-2. A patched version of the package is available...
Advisory ROSA-SA-2023-2208
software: kernel-6.1 6.1.38 OS: ROSA-CHROME packageevrstring: kernel-6.1.1-generic-6.1.38-1.src.rpm CVE-ID: CVE-2023-38431 BDU-ID: 2023-03952 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the ksmbdconnhandlerloop function in the fs/smb/server/connection.c module of the KSMBD file system of the...
CVE-2023-38427
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemblenegcontexts...
CVE-2023-38427
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemblenegcontexts...
UBUNTU-CVE-2023-38427
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemblenegcontexts...
CVE-2023-38427
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemblenegcontexts...
CVE-2023-38427
The connected documents confirm CVE-2023-38427 affects the Linux kernel (ksmbd) via an integer underflow and an out-of-bounds read in fs/smb/server/smb2pdu.c (deassemble_neg_contexts) and that a fix was released in Linux kernel 6.3.8. Practical impact is high due to potential data exposure and co...