CVE-2023-3865

HIGH

Linux Kernel 5.15-5.15.120 - Out-of-bounds Read in SMB2 Write Handler

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bound read in smb2_write ksmbd_smb2_check_message doesn't validate hdr->NextCommand. If ->NextCommand is bigger than Offset + Length of smb2 write, It will allow oversized smb2 write length. It will cause OOB read in smb2_write.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/3813eee5154d6a4c5875cb4444cb2b63bac8947f

Patch

https://git.kernel.org/stable/c/c86211159bc3178b891e0d60e586a32c7b6a231b

Patch

https://git.kernel.org/stable/c/58a9c41064df27632e780c5a3ae3e0e4284957d1

Patch

https://git.kernel.org/stable/c/5fe7f7b78290638806211046a99f031ff26164e1

Scores

CVSS v3 7.1

EPSS 0.0051

EPSS Percentile 39.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

CWE

CWE-125

Status published

Products (12)

Linux/Linux < 5.15

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - 3813eee5154d6a4c5875cb4444cb2b63bac8947f

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - 58a9c41064df27632e780c5a3ae3e0e4284957d1

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - 5fe7f7b78290638806211046a99f031ff26164e1

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - c86211159bc3178b891e0d60e586a32c7b6a231b

Linux/Linux 5.15

Linux/Linux 5.15.121 - 5.15.*

Linux/Linux 6.1.36 - 6.1.*

Linux/Linux 6.3.10 - 6.3.*

Linux/Linux 6.4

... and 2 more

Published Aug 16, 2025

Tracked Since Feb 18, 2026