CVE-2024-0565

2024-01-1500:00:00

ubuntu.com

cve-2024-0565

smb client

linux kernel

memory read flaw

integer underflow

denial of service

bugzilla

red hat

suse

unix

7.4 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

An out-of-bounds memory read flaw was found in receive_encrypted_standard
in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux
Kernel. This issue occurs due to integer underflow on the memcpy length,
leading to a denial of service.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchlinux< 5.4.0-172.190UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-97.107UNKNOWN
ubuntu23.10noarchlinux< 6.5.0-21.21UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1119.129UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1055.60UNKNOWN
ubuntu23.10noarchlinux-aws< 6.5.0-1014.14UNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1055.60~20.04.1UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1119.129~18.04.1UNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1124.131UNKNOWN
ubuntu22.04noarchlinux-azure< 5.15.0-1057.65UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	20.04	noarch	linux	< 5.4.0-172.190	UNKNOWN
ubuntu	22.04	noarch	linux	< 5.15.0-97.107	UNKNOWN
ubuntu	23.10	noarch	linux	< 6.5.0-21.21	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< 5.4.0-1119.129	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< 5.15.0-1055.60	UNKNOWN
ubuntu	23.10	noarch	linux-aws	< 6.5.0-1014.14	UNKNOWN
ubuntu	20.04	noarch	linux-aws-5.15	< 5.15.0-1055.60~20.04.1	UNKNOWN
ubuntu	18.04	noarch	linux-aws-5.4	< 5.4.0-1119.129~18.04.1	UNKNOWN
ubuntu	20.04	noarch	linux-azure	< 5.4.0-1124.131	UNKNOWN
ubuntu	22.04	noarch	linux-azure	< 5.15.0-1057.65	UNKNOWN