An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.
Fixes

Solution

No solution given by the vendor.


Workaround

To mitigate this issue, prevent module cifs from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.

History

Fri, 22 Nov 2024 12:00:00 +0000


Fri, 15 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
References
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 25 Oct 2024 17:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat enterprise Linux Eus
Redhat enterprise Linux Server Aus
Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
CPEs cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.4:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.4:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.4:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.4:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.4:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.7:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.7:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.7:rc6:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*
Vendors & Products Redhat enterprise Linux Eus
Redhat enterprise Linux Server Aus
Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-09-26T06:27:20.352Z

Reserved: 2023-12-08T07:45:03.358Z

Link: CVE-2023-6606

cve-icon Vulnrichment

Updated: 2024-08-02T08:35:14.877Z

cve-icon NVD

Status : Modified

Published: 2023-12-08T17:15:07.733

Modified: 2024-11-21T08:44:11.000

Link: CVE-2023-6606

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-12-04T00:00:00Z

Links: CVE-2023-6606 - Bugzilla

cve-icon OpenCVE Enrichment

No data.