Home

CVE-2019-15918

Description

An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.1

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel (USN-4162-1) linux-image-aws_4.15.0.1052.51_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-gcp_4.15.0.1047.61_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-gke_4.15.0.1046.49_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-gke_4.15.0.1047.61_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-kvm_4.15.0.1048.48_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-oem_4.15.0.66.86_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-oem_4.15.0.1059.63_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-azure_4.15.0.1061.64_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-oracle_4.15.0.1027.20_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-oracle_4.15.0.1027.30_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-aws-hwe_4.15.0.1052.52_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-generic_4.15.0.66.68_i386.debLinux
Linux kernel (USN-4162-1) linux-image-generic_4.15.0.66.68_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-virtual_4.15.0.66.68_i386.debLinux
Linux kernel (USN-4162-1) linux-image-virtual_4.15.0.66.68_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-gke-4.15_4.15.0.1046.49_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-lowlatency_4.15.0.66.68_i386.debLinux
Linux kernel (USN-4162-1) linux-image-lowlatency_4.15.0.66.68_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-1046-gke_4.15.0-1046.49_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-1047-gcp_4.15.0-1047.50_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-1048-kvm_4.15.0-1048.48_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-1052-aws_4.15.0-1052.54_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-1052-aws_4.15.0-1052.54~16.04.1_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-1059-oem_4.15.0-1059.68_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-1061-azure_4.15.0-1061.66_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-66-generic_4.15.0-66.75_i386.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-66-generic_4.15.0-66.75_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-66-generic_4.15.0-66.75~16.04.1_i386.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-66-generic_4.15.0-66.75~16.04.1_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-generic-hwe-16.04_4.15.0.66.86_i386.debLinux
Linux kernel (USN-4162-1) linux-image-generic-hwe-16.04_4.15.0.66.86_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-virtual-hwe-16.04_4.15.0.66.86_i386.debLinux
Linux kernel (USN-4162-1) linux-image-virtual-hwe-16.04_4.15.0.66.86_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-1027-oracle_4.15.0-1027.30_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-1027-oracle_4.15.0-1027.30~16.04.1_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-66-lowlatency_4.15.0-66.75_i386.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-66-lowlatency_4.15.0-66.75_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-66-lowlatency_4.15.0-66.75~16.04.1_i386.debLinux
Linux kernel (USN-4162-1) linux-image-4.15.0-66-lowlatency_4.15.0-66.75~16.04.1_amd64.debLinux
Linux kernel (USN-4162-1) linux-image-lowlatency-hwe-16.04_4.15.0.66.86_i386.debLinux
Linux kernel (USN-4162-1) linux-image-lowlatency-hwe-16.04_4.15.0.66.86_amd64.debLinux
kernel Security Update (ALAS-2020-1399) kernel-livepatch-4.14.171-136.231-1.0-0.amzn2.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234