CVE-2023-6610
Kernel: oob access in smb2_dump_detail
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.1EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
08 dic 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Productos afectados
Red Hat · Red Hat Enterprise Linux 6Red Hat · Red Hat Enterprise Linux 7Red Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 8.6 Extended Update SupportRed Hat · Red Hat Enterprise Linux 8.8 Extended Update SupportRed Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat · Red Hat Virtualization 4 for Red Hat Enterprise Linux 8Red Hat · RHOL-5.8-RHEL-9¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://access.redhat.com/errata/RHSA-2024:0723https://access.redhat.com/errata/RHSA-2024:0724https://access.redhat.com/errata/RHSA-2024:0725https://access.redhat.com/errata/RHSA-2024:0881https://access.redhat.com/errata/RHSA-2024:0897https://access.redhat.com/errata/RHSA-2024:1248https://access.redhat.com/errata/RHSA-2024:1404https://access.redhat.com/errata/RHSA-2024:2094https://access.redhat.com/security/cve/CVE-2023-6610https://bugzilla.kernel.org/show_bug.cgi?id=218219https://bugzilla.redhat.com/show_bug.cgi?id=2253614