- Description
- In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Out-of-Bounds Write in ksmbd_vfs_stream_write. An offset from the client could be a negative value, which could allow writing data outside the bounds of the allocated buffer. Note that this issue occurs when setting the 'vfs objects = streams_xattr' parameter in ksmbd.conf.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- nvd@nist.gov
- CWE-787
- Hype score
- Not currently trending
Critical Linux Kernel SMB server vulnerabilities CVE-2024-56626/56627 FIXED: PoC also published https://t.co/XwGpjF3Xnv The critical Linux Kernel SMB vulnerabilities have been fixed. A PoC is said to be available, but I could not find where it is. Teams using this, please take care. #CVE202456626 #CVE202456627… https://t.co/C0LTyCqqtV
@iototsecnews
6 Feb 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability (CVE-2024-56626, CVSS score 9.8) has been discovered in Linux systems. #ETX #certaz #cybersecurity #kibertəhlükəsizlik #xəbərdarlıq https://t.co/nMRLZFIRrW
@CERTAzerbaijan
30 Jan 2025
51 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: CVE-2024-56626 & CVE-2024-56627: Critical Linux Kernel SMB Server Bugs Uncov CVE-2024-56626 CVE-2024-56627 Severity: ⚠️ Critical Maturity: 💢 Emerging Learn more: https://t.co/ymxuhQjuyJ #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
29 Jan 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical vulnerabilities in the SMB server for the Linux kernel, PoC already published: CVE-2024-56626 - Codebook https://t.co/j7h2r4nL0J #izumino_trend
@sec_trend
28 Jan 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Security Vulnerabilities in the KSMBD Module: CVE-2024-56626 and CVE-2024-56627 https://t.co/BH8DBBB5gF
@cyberwebeyeos
28 Jan 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-56626 & CVE-2024-56627: Critical Linux Kernel SMB Server Bugs Uncovered, PoC Published - https://t.co/4OPGcrKfRM
@moton
28 Jan 2025
71 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
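Critical vulnerabilities in the SMB server for the Linux kernel, PoC already published: CVE-2024-56626, CVE-2024-56627 | Codebook https://t.co/lycg1bWfBu "They could allow an attacker to take over vulnerable systems… Kernel versions after 5.15 are affected, and the patched version is 6.13-rc2"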
@catnap707
28 Jan 2025
513 Impressions
1 Retweet
10 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2024-56626 & CVE-2024-56627: Critical Linux Kernel SMB Server Bugs Uncovered, PoC Published https://t.co/Uy1sNcIcUS
@Dinosn
28 Jan 2025
3136 Impressions
17 Retweets
48 Likes
12 Bookmarks
1 Reply
0 Quotes
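Multiple critical vulnerabilities have been fixed in KSMBD, the Linux kernel's SMB server feature. CVE-2024-56626 is an out-of-bounds write and CVE-2024-56627 is an out-of-bounds read, with CVSS scores of 9.8 and 9.1 respectively. Kernels after 5.15 are vulnerable; fixed in 6.13-rc2. https://t.co/jsG2GjbEgo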
@__kokumoto
28 Jan 2025
3047 Impressions
23 Retweets
46 Likes
14 Bookmarks
0 Replies
1 Quote
CVE-2024-56626 (CVSS 9.8) & CVE-2024-56627 (CVSS 9.1): Critical Linux Kernel SMB Server Bugs Uncovered, PoC Published Discover the critical vulnerabilities in KSMBD that could allow attackers to gain control of Linux systems. https://t.co/vsJKZLa5AD
@the_yellow_fall
28 Jan 2025
426 Impressions
3 Retweets
6 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2024-56626 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Out-of-Bounds Write in ksmbd_vfs_stream_write An offset from client could be a negati… https://t.co/21HMqfUsk2
@CVEnew
27 Dec 2024
202 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6877BC79-54F8-4872-9080-B8D0D2E4FC9C",
            "versionEndExcluding": "5.15.176",
            "versionStartIncluding": "5.15"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265",
            "versionEndExcluding": "6.1.120",
            "versionStartIncluding": "5.16"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29A976AD-B9AB-4A95-9F08-7669F8847EB9",
            "versionEndExcluding": "6.6.66",
            "versionStartIncluding": "6.2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9501D045-7A94-42CA-8B03-821BE94A65B7",
            "versionEndExcluding": "6.12.5",
            "versionStartIncluding": "6.7"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]