PT-2023-1533 · Linux+4 · Linux Kernel+4

Palash Oswal

Publicado

2022-11-16

Atualizado

2024-03-25

CVE-2023-26607

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel version 6.0.8

Description The issue is related to an out-of-bounds read in the ntfs attr find() function in fs/ntfs/attrib.c. This can potentially allow an attacker to cause a denial of service.

Recommendations For Linux kernel version 6.0.8, consider disabling the ntfs attr find() function as a temporary workaround until a patch is available. Restrict access to the fs/ntfs/attrib.c module to minimize the risk of exploitation.

Exploit

Correção

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

ALT-PU-2022-3091

ALT-PU-2022-3303

ALT-PU-2023-4894

ALT-PU-2023-7007

ALT-PU-2023-7682

BDU:2023-00976

CVE-2023-26607

OESA-2023-1152

OESA-2023-1153

OESA-2023-1156

OESA-2023-1178

USN-5975-1

USN-6000-1

USN-6001-1

USN-6007-1

USN-6013-1

USN-6014-1

USN-6031-1

USN-6032-1

Produtos afetados

Alt Linux

Astra Linux

Linuxmint

Linux Kernel

Ubuntu

PT-2023-1533 · Linux+4 · Linux Kernel+4

CVE-2023-26607

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 146