CVE-2024-22705Out-of-bounds Read in Kernel

CWE-125Out-of-bounds Read17 documents8 sources
Severity
7.8HIGHNVD
OSV8.1OSV7.5OSV7.0
EPSS
0.0%
top 95.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Linux KernelDebian LinuxMsrc Cbl2 Kernel 5.15.148.1-1 ON CBL Mariner 2.0+1 more
Timeline
PublishedJan 23
Latest updateApr 16

Description

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages6 packages

NVDlinux/linux_kernel< 6.6.10+1
Debianlinux/linux_kernel< 6.1.76-1+2
Ubuntulinux/linux_kernel< 5.15.0-102.112
debiandebian/linux< linux 6.1.76-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

7
OSV
linux-aws-6.5, linux-raspi vulnerabilities2024-04-16
OSV
linux-aws, linux-aws-5.15 vulnerabilities2024-04-16
OSV
linux, linux-aws, linux-azure, linux-azure-6.5, linux-gcp, linux-gcp-6.5, linux-hwe-6.5, linux-laptop, linux-lowlatency, linux-lowlatency-hwe-6.5, linux-oem-6.5, linux-oracle, linux-oracle-6.5, linux-2024-04-09
OSV
linux, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel2024-04-09
OSV
linux-oem-6.1 vulnerabilities2024-02-15

📋Vendor Advisories

8
Ubuntu
Linux kernel vulnerabilities2024-04-16
Ubuntu
Linux kernel (AWS) vulnerabilities2024-04-16
Ubuntu
Linux kernel vulnerabilities2024-04-09
Ubuntu
Linux kernel vulnerabilities2024-04-09
Ubuntu
Linux kernel (OEM) vulnerabilities2024-02-15

💬Community

1
Bugzilla
CVE-2024-22705 kernel: out-of-bounds access smb2_get_data_area_len2024-01-23
CVE-2024-22705 — Out-of-bounds Read in Linux Kernel | cvebase