15 matches found
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
The vulnerability of the smb2_is_network_name_deleted() function in the Linux kernel-based SMB client implementation allows an attacker to cause a service failure.
The vulnerability of the smb2_is_network_name_deleted() function in the fs/smb/client/smb2ops.c module of the SMB protocol client implementation in Linux operating systems is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a servic...
CVE-2024-22705
A vulnerability was found in ksmbd in the Linux kernel's smb2_get_data_area_len in fs/smb/server/smb2misc.c. This flaw allows an attacker to cause an smb_strndup_from_utf16 out-of-bounds access due to mishandling the relationship between Name data and CreateContexts data...
CVE-2024-22705
An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled...
Ubuntu 23.10 : Linux kernel (Azure) vulnerabilities (USN-6572-1)
The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6572-1 advisory. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged...
SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2023:4805-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4805-1 advisory. - Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary...
CVE-2023-6610
CVE-2023-6610 is an out-of-bounds read in Linux kernel’s smb2_dump_detail() (fs/smb/client/smb2ops.c). The vulnerability can allow a local attacker to crash the kernel or leak internal kernel information. Connected advisories (e.g., MiracleLinux/Tencent/Tenable Nessus entries) confirm the issue a...
CVE-2023-6606
An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-385)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-385 advisory. In the Linux kernel, the following vulnerability has been resolved: ceph: drop messages from MDS when unmounting (CVE-2022-48628). A use-after-free vulnerability in the Linux kernel's netfilter:...
CVE-2023-5345 Use-after-free in Linux kernel's fs/smb/client component
A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading pas...
CVE-2023-5345
CVE-2023-5345: A use-after-free in the Linux kernel’s fs/smb/client component can enable local privilege escalation. Specifically, an error in smb3_fs_context_parse_param frees ctx->password but does not set it to NULL, risking a double-free scenario. The issue is documented in the CVE...
Linux kernel resource management error vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a resource management error vulnerability that originates from a confusion in the instructions responsible for freeing memory in the fs/smb/client...
Design/Logic Flaw
An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read...
CVE-2023-38427
The connected documents confirm CVE-2023-38427 affects the Linux kernel (ksmbd) via an integer underflow and an out-of-bounds read in fs/smb/server/smb2pdu.c (deassemble_neg_contexts) and that a fix was released in Linux kernel 6.3.8. Practical impact is high due to potential data exposure and co...
CVE-2023-38427
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts...