CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-38430
https://notcve.org/view.php?id=CVE-2023-38430
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.9 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=1c1bcf2d3ea061613119b534f57507c377df20f9 https://security.netapp.com/advisory/ntap-20230831-0003 • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 9EXPL: 0CVE-2023-38432
https://notcve.org/view.php?id=CVE-2023-38432
An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.10 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=2b9b8f3b68edb3d67d79962f02e26dbb5ae3808d https://security.netapp.com/advisory/ntap-20230831-0002 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-38427
https://notcve.org/view.php?id=CVE-2023-38427
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.8 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=f1a411873c85b642f13b01f21b534c2bab81fc1b https://security.netapp.com/advisory/ntap-20230824-0011 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37453 – kernel: usb: out-of-bounds read in read_descriptors
https://notcve.org/view.php?id=CVE-2023-37453
An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c. An out-of-bounds read issue was found in the USB subsystem in the Linux kernel. This flaw allows a malicious user to crash the system, resulting in a denial of service condition. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e4c574225cc5a0553115e5eb5787d1474db5b0f https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=85d07c55621676d47d873d2749b88f783cd4d5a1 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de28e469da75359a2bb8cd8778b78aa64b1be1f4 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ff33299ec8bb80cdcc073ad9c506bd79bb2ed20b https://lore.kernel.org/all/000000000000c0ffe505fe86c9ca%40google.com/T htt • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 3CVE-2023-37454
https://notcve.org/view.php?id=CVE-2023-37454
An issue was discovered in the Linux kernel through 6.4.2. A crafted UDF filesystem image causes a use-after-free write operation in the udf_put_super and udf_close_lvid functions in fs/udf/super.c. NOTE: the suse.com reference has a different perspective about this. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-37454 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6f861765464f43a71462d52026fbddfc858239a5 https://lore.kernel.org/all/00000000000056e02f05dfb6e11a%40google.com/T https://syzkaller.appspot.com/bug?extid=26873a72980f8fa8bc55 https://syzkaller.appspot.com/bug?extid=60864ed35b1073540d57 https://syzkaller.appspot.com/bug? • CWE-416: Use After Free •