Linux Kernel SMB Handler OOB Read via ksmbd NetBIOS Len Validation
CVE-2023-38431 Published on July 18, 2023

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read.

NVD

Products Associated with CVE-2023-38431

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-38431 are published in these products:

Linux Kernel

Canonical Ubuntu Linux

NetApp Solidfire Hci Management Node

NetApp H300s

NetApp H500s

NetApp H700s

NetApp H410s

Exploit Probability

EPSS

0.07%

Percentile

20.36%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Linux Kernel SMB Handler OOB Read via ksmbd NetBIOS Len ValidationCVE-2023-38431 Published on July 18, 2023

Products Associated with CVE-2023-38431

Exploit Probability

Linux Kernel SMB Handler OOB Read via ksmbd NetBIOS Len Validation
CVE-2023-38431 Published on July 18, 2023