ByteOS Network

NVD Vulnerability Details :

CVE-2023-6606

Analyzed

Source-secalert@redhat.com

Published At-08 Dec, 2023 | 17:15

Updated At-25 Oct, 2024 | 16:37

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.1	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Secondary	3.1	7.1	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Type: Primary

Version: 3.1

Base score: 7.1

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Type: Secondary

Version: 3.1

Base score: 7.1

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CPE Matches

Linux Kernel Organization, Inc

>>linux_kernel>>Versions from 6.4.1(inclusive) to 6.7(exclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>6.4

cpe:2.3:o:linux:linux_kernel:6.4:-:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>6.4

cpe:2.3:o:linux:linux_kernel:6.4:rc4:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>6.4

cpe:2.3:o:linux:linux_kernel:6.4:rc5:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>6.4

cpe:2.3:o:linux:linux_kernel:6.4:rc6:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>6.4

cpe:2.3:o:linux:linux_kernel:6.4:rc7:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>6.7

cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>6.7

cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>6.7

cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>6.7

cpe:2.3:o:linux:linux_kernel:6.7:rc4:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>6.7

cpe:2.3:o:linux:linux_kernel:6.7:rc5:*:*:*:*:*:*

Linux Kernel Organization, Inc

>>linux_kernel>>6.7

cpe:2.3:o:linux:linux_kernel:6.7:rc6:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux>>8.0

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux>>9.0

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_eus>>9.2

cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_eus>>9.4

cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_server_aus>>9.2

cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_server_aus>>9.4

cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions>>9.2

cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*

Red Hat, Inc.

>>enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions>>9.2_ppc64le

cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-125	Primary	nvd@nist.gov
CWE-125	Secondary	secalert@redhat.com

CWE ID: CWE-125

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-125

Type: Secondary

Source: secalert@redhat.com

References

Hyperlink	Source	Resource
https://access.redhat.com/errata/RHSA-2024:0723	secalert@redhat.com	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0725	secalert@redhat.com	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0881	secalert@redhat.com	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0897	secalert@redhat.com	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1188	secalert@redhat.com	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1248	secalert@redhat.com	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1404	secalert@redhat.com	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2094	secalert@redhat.com	Third Party Advisory
https://access.redhat.com/security/cve/CVE-2023-6606	secalert@redhat.com	Third Party Advisory
https://bugzilla.kernel.org/show_bug.cgi?id=218218	secalert@redhat.com	Exploit Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=2253611	secalert@redhat.com	Exploit Issue Tracking