From 7ad26ed78ace6cd4ac9dfe67fb971c4f6b7fbef4 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 18 Jul 2023 00:00:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/38xxx/CVE-2023-38426.json | 67 ++++++++++++++++++++++++++++++++++ 2023/38xxx/CVE-2023-38427.json | 67 ++++++++++++++++++++++++++++++++++ 2023/38xxx/CVE-2023-38428.json | 67 ++++++++++++++++++++++++++++++++++ 2023/38xxx/CVE-2023-38429.json | 67 ++++++++++++++++++++++++++++++++++ 2023/38xxx/CVE-2023-38430.json | 67 ++++++++++++++++++++++++++++++++++ 2023/38xxx/CVE-2023-38431.json | 67 ++++++++++++++++++++++++++++++++++ 2023/38xxx/CVE-2023-38432.json | 67 ++++++++++++++++++++++++++++++++++ 7 files changed, 469 insertions(+) create mode 100644 2023/38xxx/CVE-2023-38426.json create mode 100644 2023/38xxx/CVE-2023-38427.json create mode 100644 2023/38xxx/CVE-2023-38428.json create mode 100644 2023/38xxx/CVE-2023-38429.json create mode 100644 2023/38xxx/CVE-2023-38430.json create mode 100644 2023/38xxx/CVE-2023-38431.json create mode 100644 2023/38xxx/CVE-2023-38432.json diff --git a/2023/38xxx/CVE-2023-38426.json b/2023/38xxx/CVE-2023-38426.json new file mode 100644 index 00000000000..31867a35180 --- /dev/null +++ b/2023/38xxx/CVE-2023-38426.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2023-38426", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in smb2_find_context_vals when create_context's name_len is larger than the tag length." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4" + }, + { + "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/ksmbd?id=02f76c401d17e409ed45bf7887148fcc22c93c85", + "refsource": "MISC", + "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/ksmbd?id=02f76c401d17e409ed45bf7887148fcc22c93c85" + } + ] + } +} \ No newline at end of file diff --git a/2023/38xxx/CVE-2023-38427.json b/2023/38xxx/CVE-2023-38427.json new file mode 100644 index 00000000000..38debff3032 --- /dev/null +++ b/2023/38xxx/CVE-2023-38427.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2023-38427", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=f1a411873c85b642f13b01f21b534c2bab81fc1b", + "refsource": "MISC", + "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=f1a411873c85b642f13b01f21b534c2bab81fc1b" + }, + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.8", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.8" + } + ] + } +} \ No newline at end of file diff --git a/2023/38xxx/CVE-2023-38428.json b/2023/38xxx/CVE-2023-38428.json new file mode 100644 index 00000000000..e0d12645dab --- /dev/null +++ b/2023/38xxx/CVE-2023-38428.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2023-38428", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4" + }, + { + "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/ksmbd?id=f0a96d1aafd8964e1f9955c830a3e5cb3c60a90f", + "refsource": "MISC", + "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/ksmbd?id=f0a96d1aafd8964e1f9955c830a3e5cb3c60a90f" + } + ] + } +} \ No newline at end of file diff --git a/2023/38xxx/CVE-2023-38429.json b/2023/38xxx/CVE-2023-38429.json new file mode 100644 index 00000000000..ead9a8c259e --- /dev/null +++ b/2023/38xxx/CVE-2023-38429.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2023-38429", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation (because of ksmbd_smb2_check_message) that may lead to out-of-bounds access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4" + }, + { + "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/ksmbd?id=443d61d1fa9faa60ef925513d83742902390100f", + "refsource": "MISC", + "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/ksmbd?id=443d61d1fa9faa60ef925513d83742902390100f" + } + ] + } +} \ No newline at end of file diff --git a/2023/38xxx/CVE-2023-38430.json b/2023/38xxx/CVE-2023-38430.json new file mode 100644 index 00000000000..81c6e2ca24f --- /dev/null +++ b/2023/38xxx/CVE-2023-38430.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2023-38430", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=1c1bcf2d3ea061613119b534f57507c377df20f9", + "refsource": "MISC", + "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=1c1bcf2d3ea061613119b534f57507c377df20f9" + }, + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.9", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.9" + } + ] + } +} \ No newline at end of file diff --git a/2023/38xxx/CVE-2023-38431.json b/2023/38xxx/CVE-2023-38431.json new file mode 100644 index 00000000000..7153b7cefcf --- /dev/null +++ b/2023/38xxx/CVE-2023-38431.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2023-38431", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.8", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.8" + }, + { + "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=368ba06881c395f1c9a7ba22203cf8d78b4addc0", + "refsource": "MISC", + "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=368ba06881c395f1c9a7ba22203cf8d78b4addc0" + } + ] + } +} \ No newline at end of file diff --git a/2023/38xxx/CVE-2023-38432.json b/2023/38xxx/CVE-2023-38432.json new file mode 100644 index 00000000000..7c06196bc74 --- /dev/null +++ b/2023/38xxx/CVE-2023-38432.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2023-38432", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=2b9b8f3b68edb3d67d79962f02e26dbb5ae3808d", + "refsource": "MISC", + "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb/server?id=2b9b8f3b68edb3d67d79962f02e26dbb5ae3808d" + }, + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.10", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.10" + } + ] + } +} \ No newline at end of file