CVE-2023-38427 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-38427 PUBLISHED

Im Linux Kernel existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente ksmbd aufgrund eines Integer-Unterlaufs und eines Out-of-bounds-Read in deassemble_neg_contexts sowie eines Out-of-bounds-Read in fs/smb/server/connection.c. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen.

EPSS 0.09% · 25.0th percentile

Risk Scores

EPSS Score

0.09%

25.0th percentile

Affected Products

Vendor	Product	Versions
Ubuntu	Ubuntu Linux

Timeline

Jul 17, 2023 CVE Published
Jul 18, 2023 EPSS Score
Aug 21, 2023 EPSS Score
Sep 24, 2023 EPSS Score
Oct 27, 2023 EPSS Score
Nov 30, 2023 EPSS Score
Feb 6, 2024 EPSS Score
Mar 11, 2024 EPSS Score
Apr 13, 2024 EPSS Score
May 17, 2024 EPSS Score
Jun 20, 2024 EPSS Score
Jul 24, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1770.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1770 advisory
https://github.com/advisories/GHSA-229r-cp46-m292 advisory
https://github.com/advisories/GHSA-f4cj-v28g-9hh9 advisory
https://ubuntu.com/security/notices/USN-6412-1 advisory
https://ubuntu.com/security/notices/USN-6466-1 advisory
https://ubuntu.com/security/notices/USN-6725-1 advisory
https://ubuntu.com/security/notices/USN-6725-2 advisory

Open in Interactive Console →