CVE-2023-3865

Public on 2023-09-13
Modified on 2024-02-27
Description
ksmbd: fix out-of-bound read in smb2_write

NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-980/
NOTE: https://git.kernel.org/linus/5fe7f7b78290638806211046a99f031ff26164e1 (6.4)
Severity
Important severity
Important
CVSS v3 Base Score
7.1
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 kernel Not Affected
Amazon Linux 2 - Core kernel Not Affected
Amazon Linux 2 - Kernel-5.10 Extra kernel Not Affected
Amazon Linux 2 - Kernel-5.15 Extra kernel Not Affected
Amazon Linux 2 - Kernel-5.4 Extra kernel Not Affected
Amazon Linux 2023 kernel Not Affected

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:H

References

Red Hat: CVE-2023-3865 Mitre: CVE-2023-3865