6.8 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.5 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.
[
{
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "6.7-rc6",
"versionType": "semver"
}
],
"packageName": "kernel",
"collectionURL": "https://git.kernel.org/pub/scm/linux/kernel",
"defaultStatus": "unaffected"
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.18.0-513.24.1.rt7.326.el8_9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::realtime",
"cpe:/a:redhat:enterprise_linux:8::nfv"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.18.0-513.24.1.el8_9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::baseos",
"cpe:/a:redhat:enterprise_linux:8::crb"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.18.0-372.95.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_eus:8.6::baseos",
"cpe:/o:redhat:rhev_hypervisor:4.4::el8",
"cpe:/a:redhat:rhel_eus:8.6::crb"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.18.0-477.51.1.el8_8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:8.8::crb",
"cpe:/o:redhat:rhel_eus:8.8::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:5.14.0-427.13.1.el9_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/a:redhat:enterprise_linux:9::crb",
"cpe:/a:redhat:enterprise_linux:9::nfv",
"cpe:/a:redhat:enterprise_linux:9::realtime",
"cpe:/o:redhat:enterprise_linux:9::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:5.14.0-427.13.1.el9_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/a:redhat:enterprise_linux:9::crb",
"cpe:/a:redhat:enterprise_linux:9::nfv",
"cpe:/a:redhat:enterprise_linux:9::realtime",
"cpe:/o:redhat:enterprise_linux:9::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:5.14.0-284.59.1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_eus:9.2::baseos",
"cpe:/a:redhat:rhel_eus:9.2::crb",
"cpe:/a:redhat:rhel_eus:9.2::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "affected",
"versions": [
{
"version": "0:5.14.0-284.59.1.rt14.344.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:9.2::realtime",
"cpe:/a:redhat:rhel_eus:9.2::nfv"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.18.0-372.95.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_eus:8.6::baseos",
"cpe:/o:redhat:rhev_hypervisor:4.4::el8",
"cpe:/a:redhat:rhel_eus:8.6::crb"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 6",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
}
]
access.redhat.com/errata/RHSA-2024:1188
access.redhat.com/errata/RHSA-2024:1404
access.redhat.com/errata/RHSA-2024:1532
access.redhat.com/errata/RHSA-2024:1533
access.redhat.com/errata/RHSA-2024:1607
access.redhat.com/errata/RHSA-2024:1614
access.redhat.com/errata/RHSA-2024:2394
access.redhat.com/security/cve/CVE-2024-0565
bugzilla.redhat.com/show_bug.cgi?id=2258518
lists.debian.org/debian-lts-announce/2024/06/msg00017.html
security.netapp.com/advisory/ntap-20240223-0002/
www.spinics.net/lists/stable-commits/msg328851.html
6.8 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.5 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%