7.1
CVE-2024-26594
- EPSS 0.36%
- Veröffentlicht 23.02.2024 14:15:45
- Zuletzt bearbeitet 21.11.2024 09:02:37
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
LoginIn the Linux kernel, the following vulnerability has been resolved: ksmbd: validate mech token in session setup If client send invalid mech token in session setup request, ksmbd validate and make the error if it is invalid.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.15.149
Linux ≫ Linux Kernel Version >= 5.16.0 < 6.1.75
Linux ≫ Linux Kernel Version >= 6.2.0 < 6.6.14
Linux ≫ Linux Kernel Version >= 6.7.0 < 6.7.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.36% | 0.571 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 1.8 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.