Download
| Alert*
|
CVE-2023-38430
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read. CVE-2023-3867 [ksmbd: add missing compound request handing in some commands] NOTE: This vulnerability is currently awaiting analysis. CVE-2023-38432 An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read. |
