CVSS: 9.4EPSS: 0%CPEs: 7EXPL: 0CVE-2023-38430 – Ubuntu Security Notice USN-6466-1
https://notcve.org/view.php?id=CVE-2023-38430
17 Jul 2023 — An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read. Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service or possibly expose sensitive information. Quentin Minster discovered that a race condition exist... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.9 • CWE-125: Out-of-bounds Read •
CVSS: 9.4EPSS: 0%CPEs: 9EXPL: 0CVE-2023-38432 – Ubuntu Security Notice USN-6466-1
https://notcve.org/view.php?id=CVE-2023-38432
17 Jul 2023 — An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read. It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. Stonejiajia, Shir... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.10 • CWE-125: Out-of-bounds Read •
CVSS: 9.4EPSS: 0%CPEs: 7EXPL: 0CVE-2023-38431 – Ubuntu Security Notice USN-6466-1
https://notcve.org/view.php?id=CVE-2023-38431
17 Jul 2023 — An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read. Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use thi... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.8 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-38429 – Ubuntu Security Notice USN-6339-3
https://notcve.org/view.php?id=CVE-2023-38429
17 Jul 2023 — An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation (because of ksmbd_smb2_check_message) that may lead to out-of-bounds access. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the f2fs file system in the Linux ... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4 • CWE-193: Off-by-one Error •
CVSS: 9.4EPSS: 0%CPEs: 9EXPL: 0CVE-2023-38428
https://notcve.org/view.php?id=CVE-2023-38428
17 Jul 2023 — An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4 • CWE-125: Out-of-bounds Read •
CVSS: 9.4EPSS: 0%CPEs: 9EXPL: 0CVE-2023-38426 – Ubuntu Security Notice USN-6338-2
https://notcve.org/view.php?id=CVE-2023-38426
17 Jul 2023 — An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in smb2_find_context_vals when create_context's name_len is larger than the tag length. Se descubrió un problema en el kernel de Linux antes de 6.3.4. KSMBD tiene una lectura fuera de los límites en smb2_find_context_vals cuando el name_len de create_context es mayor que la longitud de la etiqueta. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A l... • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4 • CWE-125: Out-of-bounds Read •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37453 – kernel: usb: out-of-bounds read in read_descriptors
https://notcve.org/view.php?id=CVE-2023-37453
06 Jul 2023 — An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c. An out-of-bounds read issue was found in the USB subsystem in the Linux kernel. This flaw allows a malicious user to crash the system, resulting in a denial of service condition. Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memo... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e4c574225cc5a0553115e5eb5787d1474db5b0f • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 3CVE-2023-37454
https://notcve.org/view.php?id=CVE-2023-37454
06 Jul 2023 — An issue was discovered in the Linux kernel through 6.4.2. A crafted UDF filesystem image causes a use-after-free write operation in the udf_put_super and udf_close_lvid functions in fs/udf/super.c. NOTE: the suse.com reference has a different perspective about this. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-37454 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 3CVE-2023-35001 – Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability
https://notcve.org/view.php?id=CVE-2023-35001
05 Jul 2023 — Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace Vulnerabilidad de Lectura/Escritura en nftables Fuera de los Límites del kernel de Linux; nft_byteorder administra incorrectamente los contenidos de registro de VM cuando CAP_NET_ADMIN está en cualquier espacio de nombres de usuario o red An out-of-bounds (OOB) memory access flaw was found in the Netfilter module in the Linux kernel's nft_byte... • https://github.com/synacktiv/CVE-2023-35001 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-31248 – Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-31248
05 Jul 2023 — Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace Vulnerabilidad de Escalada de Privilegios Locales de Use-After-Free de Linux nftables; 'nft_chain_lookup_byid()' no pudo comprobar si una cadena estaba activa y CAP_NET_ADMIN está en cualquier espacio de nombres de usuario o red A use-after-free flaw was found in the Linux kernel's Netfilter module in net/net... • http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSN-0096-1.html • CWE-416: Use After Free •