CVE-2023-4458

MEDIUM Year: 2023
CVSS v3 Score
4.0
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE.

Related Vulnerabilities

CVE-2023-20838

MEDIUM
CVSS:4.0(Medium)

In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for explo...

CWE-1252023

CVE-2023-5520

MEDIUM
CVSS:4.0(Medium)

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.

CWE-1252023

CVE-2023-5998

MEDIUM
CVSS:4.0(Medium)

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV.

CWE-1252023

CVE-2024-23912

MEDIUM
CVSS:4.0(Medium)

Out-of-bounds Read vulnerability in Merge DICOM Toolkit C/C++ on Windows. When MC_Open_File() function is used to read a malformed DICOM data, it might result in over-reading memory buffer and could c...

CWE-1252024

CVE-2024-57822

MEDIUM
CVSS:4.0(Medium)

In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal().

CWE-1252024

CVE-2025-29839

MEDIUM
CVSS:4.0(Medium)

Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally.

CWE-1252025