3 matches found
CVE-2023-3865
CVE-2023-3865 affects the ksmbd component of the Linux kernel (smb2_write). Root cause: ksmbd_smb2_check_message does not validate hdr->NextCommand; if NextCommand > Offset+Length of smb2 write, an oversized length allows an out-of-bounds read in smb2_write. Implication: out-of-bounds read ...
CVE-2023-3865
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bound read in smb2write ksmbdsmb2checkmessage doesn't validate hdr-NextCommand. If -NextCommand is bigger than Offset + Length of smb2 write, It will allow oversized smb2 write length. It will cause OOB read in...
OESA-2023-1614 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: CVE-2023-3865 CVE-2023-3866 A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user t...