CVE-2023-26607

Published Feb 26, 2023

Last updated a year ago

CVSS high 7.1

Overview

Description: In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.1
Impact score: 5.2
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-125

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "031BD5BC-9E38-498A-95A0-B6CA8ED82039",
            "versionEndExcluding": "4.9.334",
            "versionStartIncluding": "2.6.12"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "424802D2-E9E7-48A9-AD6F-DF2227B3D83A",
            "versionEndExcluding": "4.14.300",
            "versionStartIncluding": "4.10"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5C69A12-68E2-400E-9A5A-375A673C8402",
            "versionEndExcluding": "4.19.267",
            "versionStartIncluding": "4.15"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94D21814-3051-4860-AB06-C7880A3D4933",
            "versionEndExcluding": "5.4.225",
            "versionStartIncluding": "4.20"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24FDE7A3-F8EF-4339-A725-9F238448BCFD",
            "versionEndExcluding": "5.10.156",
            "versionStartIncluding": "5.5.0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51BBEF3B-79F5-4D4C-ADBA-F34DA0E2465C",
            "versionEndExcluding": "5.15.80",
            "versionStartIncluding": "5.11"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64F9ADD1-3ADB-4D66-A00F-4A83010B05F0",
            "versionEndExcluding": "6.0.10",
            "versionStartIncluding": "5.16"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27227B35-932A-4035-B39F-6A455753C0D6"
          },
          {
            "criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "489D20B9-166F-423D-8C48-A23D3026E33B"
          },
          {
            "criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4AD592C-222D-4C6F-B176-8145A1A5AFEC"
          },
          {
            "criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8603654B-A8A9-4DEB-B0DD-C82E1C885749"
          },
          {
            "criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C855C933-F271-45E6-8E85-8D7CF2EF1BE6"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References