CVE-2023-6606

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

Published: Dec 8, 2023
Updated: Dec 13, 2023
CVE: CVE-2023-6606
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.1
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
redhat / enterprise_linux	8.0	8.0.x
redhat / enterprise_linux	9.0	9.0.x
linux / linux_kernel	6.4-rc4	6.4-rc4.x
linux / linux_kernel	6.4-rc5	6.4-rc5.x
linux / linux_kernel	6.4-rc6	6.4-rc6.x
linux / linux_kernel	6.4-rc7	6.4-rc7.x
linux / linux_kernel	6.4	6.4.x
linux / linux_kernel	6.7-rc1	6.7-rc1.x
linux / linux_kernel	6.7-rc2	6.7-rc2.x
linux / linux_kernel	6.7-rc3	6.7-rc3.x
linux / linux_kernel	6.7-rc4	6.7-rc4.x
linux / linux_kernel	6.7-rc5	6.7-rc5.x
linux / linux_kernel	6.7-rc6	6.7-rc6.x
linux / linux_kernel	6.4.1	6.7
redhat / enterprise_linux_server_aus	9.2	9.2.x
redhat / enterprise_linux_eus	9.2	9.2.x
redhat / enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	9.2	9.2.x
redhat / enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	9.2_ppc64le	9.2_ppc64le.x
redhat / enterprise_linux_server_aus	9.4	9.4.x
redhat / enterprise_linux_eus	9.4	9.4.x

Vulnerability Database

289,599

CVE-2023-6606