CVE-2023-4458

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)

Description A flaw was found in the parsing of extended attributes in the kernel ksmbd module, resulting from the lack of proper validation of user-supplied data. This can cause a read past the end of an allocated buffer, allowing an attacker to disclose sensitive information on affected installations of Linux. The issue affects systems with ksmbd enabled.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

BDU:2025-15382

CVE-2023-4458

OESA-2025-1963

OESA-2025-1964

ZDI-24-590

Affected Products

Astra Linux

Linux Kernel

CVE-2023-4458

Weakness Enumeration

Related Identifiers

Affected Products

References · 50