PT-2023-1533 · Linux+4 · Linux Kernel+4

Palash Oswal

Published

2022-11-16

Updated

2024-03-25

CVE-2023-26607

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel version 6.0.8

Description The issue is related to an out-of-bounds read in the ntfs attr find() function in fs/ntfs/attrib.c. This can potentially allow an attacker to cause a denial of service.

Recommendations For Linux kernel version 6.0.8, consider disabling the ntfs attr find() function as a temporary workaround until a patch is available. Restrict access to the fs/ntfs/attrib.c module to minimize the risk of exploitation.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALT-PU-2022-3091

ALT-PU-2022-3303

ALT-PU-2023-4894

ALT-PU-2023-7007

ALT-PU-2023-7682

BDU:2023-00976

CVE-2023-26607

OESA-2023-1152

OESA-2023-1153

OESA-2023-1156

OESA-2023-1178

USN-5975-1

USN-6000-1

USN-6001-1

USN-6007-1

USN-6013-1

USN-6014-1

USN-6031-1

USN-6032-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Linux Kernel

Ubuntu

PT-2023-1533 · Linux+4 · Linux Kernel+4

CVE-2023-26607

Weakness Enumeration

Related Identifiers

Affected Products

References · 146