Main Vulnerability Database Vulnerabilities #VU80497

Off-by-one in Linux kernel - CVE-2023-38429

Published: September 6, 2023

Vulnerability identifier: #VU80497

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2023-38429

CWE-ID: CWE-193

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Linux Foundation

Affected software:
Linux kernel

Detailed vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an off-by-one error within the ksmbd_smb2_check_message() function in fs/ksmbd/connection.c. A remote attacker can trigger an off-by-one error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

How to mitigate CVE-2023-38429

Install updates from vendor's website.

Sources

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/ksmbd?id=443d61d1fa9faa60ef925513d83742902390100f
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4

Off-by-one in Linux kernel - CVE-2023-38429

Detailed vulnerability description

How to mitigate CVE-2023-38429

Sources

Please verify you're human