An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0001.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
  • Logging
  • Rhel Eus
  • Rhev Hypervisor

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-513.18.1.rt7.320.el8_9 cpe:/a:redhat:enterprise_linux:8::nfv RHSA-2024:0881 2024-02-20T00:00:00Z
kernel-0:4.18.0-513.18.1.el8_9 cpe:/o:redhat:enterprise_linux:8 RHSA-2024:0897 2024-02-20T00:00:00Z
Red Hat Enterprise Linux 8.6 Extended Update Support
kernel-0:4.18.0-372.91.1.el8_6 cpe:/o:redhat:rhel_eus:8.6 RHSA-2024:0724 2024-02-07T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
kernel-0:4.18.0-477.51.1.el8_8 cpe:/o:redhat:rhel_eus:8.8 RHSA-2024:1404 2024-03-19T00:00:00Z
Red Hat Enterprise Linux 9
kernel-0:5.14.0-362.24.1.el9_3 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:1248 2024-03-12T00:00:00Z
kernel-0:5.14.0-362.24.1.el9_3 cpe:/o:redhat:enterprise_linux:9 RHSA-2024:1248 2024-03-12T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
kernel-0:5.14.0-284.52.1.el9_2 cpe:/a:redhat:rhel_eus:9.2 RHSA-2024:0723 2024-02-07T00:00:00Z
kernel-rt-0:5.14.0-284.52.1.rt14.337.el9_2 cpe:/a:redhat:rhel_eus:9.2::nfv RHSA-2024:0725 2024-02-07T00:00:00Z
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8
kernel-0:4.18.0-372.91.1.el8_6 cpe:/o:redhat:rhev_hypervisor:4.4::el8 RHSA-2024:0724 2024-02-07T00:00:00Z
RHOL-5.8-RHEL-9
openshift-logging/cluster-logging-operator-bundle:v5.8.6-22 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/cluster-logging-rhel9-operator:v5.8.6-11 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/elasticsearch6-rhel9:v6.8.1-407 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/elasticsearch-operator-bundle:v5.8.6-19 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/elasticsearch-proxy-rhel9:v1.0.0-479 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/elasticsearch-rhel9-operator:v5.8.6-7 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/eventrouter-rhel9:v0.4.0-247 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/fluentd-rhel9:v5.8.6-5 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/log-file-metric-exporter-rhel9:v1.1.0-227 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/logging-curator5-rhel9:v5.8.1-470 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/logging-loki-rhel9:v2.9.6-14 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/logging-view-plugin-rhel9:v5.8.6-2 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/loki-operator-bundle:v5.8.6-24 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/loki-rhel9-operator:v5.8.6-10 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/lokistack-gateway-rhel9:v0.1.0-525 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/opa-openshift-rhel9:v0.1.0-224 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/vector-rhel9:v0.28.1-56 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

To mitigate this issue, prevent module cifs from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.

References
Link Providers
https://access.redhat.com/errata/RHSA-2024:0723 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0724 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0725 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0881 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0897 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1248 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1404 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2094 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2023-6610 cve-icon cve-icon
https://bugzilla.kernel.org/show_bug.cgi?id=218219 cve-icon cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2253614 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-6610 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-6610 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-09-25T19:22:07.410Z

Reserved: 2023-12-08T08:25:42.667Z

Link: CVE-2023-6610

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-12-08T17:15:07.933

Modified: 2024-11-21T08:44:11.657

Link: CVE-2023-6610

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-12-04T00:00:00Z

Links: CVE-2023-6610 - Bugzilla

cve-icon OpenCVE Enrichment

No data.