CVE-2024-56627 | Linux Kernel up to 6.1.119/6.6.65/6.12.4 Setting ksmbd.conf ksmbd_vfs_stream_read streams_xattr out-of-bounds

Inserito da Angelo Barbosa | Dic 27, 2024 | CVE

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.119/6.6.65/6.12.4. Affected is the function ksmbd_vfs_stream_read of the file ksmbd.conf of the component Setting Handler. The manipulation of the argument streams_xattr leads to out-of-bounds read.

This vulnerability is traded as CVE-2024-56627. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-56627 | Linux Kernel up to 6.1.119/6.6.65/6.12.4 Setting ksmbd.conf ksmbd_vfs_stream_read streams_xattr out-of-bounds

Post correlati

CVE-2024-6153 | Parallels Desktop up to 17.1.1 Updater protection mechanism

CVE-2024-8544 | Pixel Cat Plugin up to 3.0.5 on WordPress cross site scripting

CVE-2024-42468 | openhab-webui up to 4.2.0 path traversal (GHSA-pcwp-26pw-j98w)

CVE-2024-7158 | TOTOLINK A3100R 4.1.2cu.5050_B20200504 HTTP POST Request /cgi-bin/cstecgi.cgi setTelnetCfg telnet_enabled command injection