CVE-2023-45896

EPSS 0.08%
Veröffentlicht 28.08.2024 05:15:13
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem (e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media) and then leveraging local access to trigger an out-of-bounds read. A length value can be larger than the amount of memory allocated. NOTE: the supplier's perspective is that there is no vulnerability when an attack requires an attacker-modified filesystem image.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

CNA 0 VulnDex Vulnerability Enrichment 9

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.08%	0.227

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.1	1.8	5.2	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

https://dfir.ru/2024/06/19/vulnerabilities-in-7-zip-and-ntfs3/

https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.11

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=013ff63b649475f0ee134e2c8d0c8e65284ede50

https://github.com/torvalds/linux/commit/013ff63b649475f0ee134e2c8d0c8e65284ede50

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

https://nvd.nist.gov/vuln/detail/CVE-2023-45896

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-45896

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-45896

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-45896