Ubuntu 22.04 LTS : Linux kernel (GKE) vulnerabilities (USN-6351-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6351-1 advisory. It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker cou...

Linux kernel smb2pdu.c file out-of-bounds read vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in versions of Linux kernel prior to 6.3.4, which stems from fs/ksmbd/smb2pdu.c not properly checking the UserName value, and can be...

CVE-2023-38427

The connected documents confirm CVE-2023-38427 affects the Linux kernel (ksmbd) via an integer underflow and an out-of-bounds read in fs/smb/server/smb2pdu.c (deassemble_neg_contexts) and that a fix was released in Linux kernel 6.3.8. Practical impact is high due to potential data exposure and co...

Linux kernel buffer overflow vulnerability (CNVD-2023-58993)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a buffer overflow vulnerability that stems from an issue found in ksmbd where fs/ksmbd/smb2pdu.c lacks length validation in the unfilled case of...

CVE-2022-47940

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2write...

DEBIAN-CVE-2022-47941

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2handlenegotiate error conditions, aka a memory leak...

CVE-2022-47939

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2TREEDISCONNECT...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue discovered in ksmbd where fs/ksmbd/smb2pdu.c omits the kfree call, also known as a memory leak, und...

Linux kernel out-of-bounds read vulnerability (CNVD-2019-31650)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in SMB2negotiate in fs/cifs/smb2pdu.c in versions of Linux kernel prior to 5.0.10. The vulnerability stems from an incomplet...

Design/Logic Flaw

An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21...