Today > 2 Critical | 2 High | 8 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2023-45896

Sept. 4, 2024, 3:15 p.m.

Product(s) Impacted

Linux Kernel

  • before 6.5.11

Description

ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem (e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media) and then leveraging local access to trigger an out-of-bounds read. A length value can be larger than the amount of memory allocated. NOTE: the supplier's perspective is that there is no vulnerability when an attack requires an attacker-modified filesystem image.

Weaknesses

Date

Published: Aug. 28, 2024, 5:15 a.m.

Last Modified: Sept. 4, 2024, 3:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References