CVE-2024-0565

High

An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the…

redhat·CWE-191·Published 2024-01-15

CVSS

7.4

EPSS

0.02

KEV

Exploits

cve.orgen

250 chars

An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.

NVDen

250 chars

NVDes

319 chars

Se encontró un fallo de lectura de memoria fuera de los límites en receive_encrypted_standard en fs/smb/client/smb2ops.c en el subcomponente SMB Client en el kernel de Linux. Este problema se produce debido a un desbordamiento insuficiente de enteros en la longitud de memcpy, lo que provoca una denegación de servicio.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	7.4	1.5	5.9	CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	6.8	—	—	CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H