CVE-2023-45896
Sept. 4, 2024, 3:15 p.m.
Tags
Product(s) Impacted
Linux Kernel
- before 6.5.11
Description
ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem (e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media) and then leveraging local access to trigger an out-of-bounds read. A length value can be larger than the amount of memory allocated. NOTE: the supplier's perspective is that there is no vulnerability when an attack requires an attacker-modified filesystem image.
Weaknesses
Date
Published: Aug. 28, 2024, 5:15 a.m.
Last Modified: Sept. 4, 2024, 3:15 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org
References
https://cdn.kernel.org/
cve@mitre.org
https://dfir.ru/
cve@mitre.org
https://git.kernel.org/
cve@mitre.org
https://github.com/
cve@mitre.org