CVE-2023-3867

Advisory lineage Upstream: 0 Downstream: 18

Downstream

DEBIAN-CVE-2023-3867 SUSE-SU-2025:03272-1 SUSE-SU-2025:03290-1 SUSE-SU-2025:03301-1 SUSE-SU-2025:03382-1 SUSE-SU-2025:03602-1

Analyzed

Published: 16 Aug 2025, 13:29

Last modified:11 May 2026, 19:27

Vulnerability Summary

Overall Risk (default)

medium

28/100

CVSS Score

7.1 HIGH

v3.1 (nvd)

EPSS Score

0.11% LOW

0% probability +0.01%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

16 Aug 2025, 13:29

Published

Vulnerability first disclosed

11 May 2026, 19:27

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds read in smb2_sess_setup ksmbd does not consider the case of that smb2 session setup is in compound request. If this is the second payload of the compound, OOB read issue occurs while processing the first payload in the smb2_sess_setup().

CVSS Metrics

v3.1•HIGH•Score: 7.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

EPSS Trends

Current EPSS score: 0.11%• Percentile: 30%

Techniques & Countermeasures

CWE-125•Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

Affected Systems

linux•linux
≥ 0626e6641f6b467447c81dd7678a69c66f7746cf, < 676392184785ace61e939831e7ca44a03d438c3b | ≥ 0626e6641f6b467447c81dd7678a69c66f7746cf, < ef572ffa8eb44111eed2925fbb2adca78bdcbf61 | ≥ 0626e6641f6b467447c81dd7678a69c66f7746cf, < 2ba03cecb12ac7ac9e0170e251543c56832d9959 | ≥ 0626e6641f6b467447c81dd7678a69c66f7746cf, < 98422bdd4cb3ca4d08844046f6507d7ec2c2b8d8 | 5.15
linux•linux_kernel
≥ 5.15, < 5.15.145 | ≥ 5.16, < 6.1.40 | ≥ 6.2, < 6.4.5