First published: Tue Jul 18 2023(Updated: )
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Kernel | <6.3.8 | |
Linux Kernel | >=5.15<5.15.145 | |
Linux Kernel | >=5.16<6.1.34 | |
Linux Kernel | >=6.2<6.3.8 | |
NetApp H300S Firmware | ||
NetApp H410S Firmware | ||
NetApp H500e Firmware | ||
NetApp H700S | ||
debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-38427 is classified as a medium-level vulnerability with potential impact on affected systems.
To fix CVE-2023-38427, update your Linux kernel to version 6.3.9 or later, or one of the patched versions specified in your distribution's advisory.
CVE-2023-38427 affects various versions of the Linux kernel prior to 6.3.8 and specific NetApp hardware like the H300s, H410s, H500s, and H700s.
CVE-2023-38427 involves an integer underflow and out-of-bounds read in the Linux kernel's ksmbd component.
CVE-2023-38427 was last updated on 29 November 2024.