Page 463 of 2608 results (0.011 seconds)

CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.8 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=f1a411873c85b642f13b01f21b534c2bab81fc1b https://security.netapp.com/advisory/ntap-20230824-0011 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_display arrays can be desynchronized in fbcon_mode_deleted (the con2fb_map points at the old fb_info). A memory corruption flaw was found in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Framebuffer Console in the Linux kernel. This flaw allows a local attacker to crash the system, leading to a denial of service. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.12 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fffb0b52d5258554c645c966c6cbef7de50b851d https://access.redhat.com/security/cve/CVE-2023-38409 https://bugzilla.redhat.com/show_bug.cgi?id=2230042 • CWE-129: Improper Validation of Array Index •

CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0

An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.9 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=1c1bcf2d3ea061613119b534f57507c377df20f9 https://security.netapp.com/advisory/ntap-20230831-0003 • CWE-125: Out-of-bounds Read •

CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.8 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=368ba06881c395f1c9a7ba22203cf8d78b4addc0 https://security.netapp.com/advisory/ntap-20230824-0011 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation (because of ksmbd_smb2_check_message) that may lead to out-of-bounds access. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/ksmbd?id=443d61d1fa9faa60ef925513d83742902390100f • CWE-193: Off-by-one Error •