Analysis Summary

CVE-2023-39176 CVSS:5.8

Linux Kernel could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read flaw in the parsing of SMB2 requests that have a transform header. By sending a specially crafted request, an attacker could exploit this vulnerability to read past the end of an allocated buffer, and use this information to launch further attacks against the affected system.

CVE-2023-39179 CVSS:7.5

Linux Kernel could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read flaw in the handling of SMB2 read requests. By sending a specially crafted request, an attacker could exploit this vulnerability to read past the end of an allocated buffer, and use this information to launch further attacks against the affected system.

CVE-2023-39180 CVSS:4

Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the handling of SMB2_READ commands. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2023-4458 CVSS:4

Linux Kernel could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read flaw in the parsing of extended attributes in ksmbd smb2_open. By sending a specially crafted request, an attacker could exploit this vulnerability to read past the end of an allocated buffer, and use this information to launch further attacks against the affected system.

Impact

• Denial of Service
• Information Disclosure

Indicators of Compromise

CVE

• CVE-2023-39176
• CVE-2023-39179
• CVE-2023-39180
• CVE-2023-4458

Affected Vendors

Remediation

Refer to lore.kernel Website for patch, upgrade or suggested workaround information.

CVE-2023-39176

CVE-2023-39179

CVE-2023-39180

CVE-2023-4458