ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem (e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media) and then leveraging local access to trigger an out-of-bounds read. The out-of-bounds read is possible because a length value can be larger than the amount of memory allocated; the signatures below target the function mi_enum_attr in fs/ntfs3/record.c. NOTE: the supplier's perspective is that there is no vulnerability when an attack requires an attacker-modified filesystem image.
{ "vanir_signatures": [ { "source": "https://github.com/torvalds/linux/commit/013ff63b649475f0ee134e2c8d0c8e65284ede50", "signature_type": "Function", "signature_version": "v1", "deprecated": false, "target": { "file": "fs/ntfs3/record.c", "function": "mi_enum_attr" }, "digest": { "length": 1768.0, "function_hash": "93313526891363859699594395646258225464" }, "id": "CVE-2023-45896-24d32d8f" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@013ff63b649475f0ee134e2c8d0c8e65284ede50", "signature_type": "Function", "signature_version": "v1", "deprecated": false, "target": { "file": "fs/ntfs3/record.c", "function": "mi_enum_attr" }, "digest": { "length": 1768.0, "function_hash": "93313526891363859699594395646258225464" }, "id": "CVE-2023-45896-6a08f14f" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@013ff63b649475f0ee134e2c8d0c8e65284ede50", "signature_type": "Line", "signature_version": "v1", "deprecated": false, "target": { "file": "fs/ntfs3/record.c" }, "digest": { "line_hashes": [ "296807458869966558970655332996529644530", "44161360160339396219332482272880973814", "176559503857624937340729376126370877326", "176061172810307318216282662766943989164", "292071011621088888398767444467702226159", "158841312722204219146706015354804086207", "16856496872511036805412102625733698405", "173695660289941917440107909234110133902", "45930876182301543259267395953638298999", "97213208781875975857117240052813248092", "257525388712414431233557107346538116442", "263317793436770018611246382316548640527", "168953667026732418714807328662380549537", "15679720276182520376945410714292412997", "141152124589176453288506205098061930334", "246737785037302775019817011442098805431", "78756227549662534952517429624561258677", "251550428120357882348308633648119859839", "202303586986471625394255087935303039721", "271235897206607028543813188087144545507", "223526870126027632439432625360445830342", 
"139951814573537234695126774454997740887", "267058383734237332922859436458166968931", "202576340071958069756797535636122245588", "70909405330826471031440387726399441095", "332158332620457767800862767900784421412", "68414940630129289539539619777728381417", "235116576139884488378851415498590481133", "292470970262080150798933166178470043753", "189925004653744718172348483616731788917", "323560684595722492430548038160577432513", "228443639801683400068418317493000031254", "168097954881892656432585855821080589311", "339134731456699809226340309250693011998", "154024866955303980882469702782594863712", "278486291018561097903641882131378421597", "53036489176203591809402218497897916283", "123381886784819736539552390917054292881", "60138025788199336099104187218678528414", "222327860289284432177816434312634872672", "154806837325594832904657928716104357503", "86146432523599520664676066216148492732", "235616253529944837152881385129492780169", "331030870204256886293795851646657392605" ], "threshold": 0.9 }, "id": "CVE-2023-45896-a8a30016" }, { "source": "https://github.com/torvalds/linux/commit/013ff63b649475f0ee134e2c8d0c8e65284ede50", "signature_type": "Line", "signature_version": "v1", "deprecated": false, "target": { "file": "fs/ntfs3/record.c" }, "digest": { "line_hashes": [ "296807458869966558970655332996529644530", "44161360160339396219332482272880973814", "176559503857624937340729376126370877326", "176061172810307318216282662766943989164", "292071011621088888398767444467702226159", "158841312722204219146706015354804086207", "16856496872511036805412102625733698405", "173695660289941917440107909234110133902", "45930876182301543259267395953638298999", "97213208781875975857117240052813248092", "257525388712414431233557107346538116442", "263317793436770018611246382316548640527", "168953667026732418714807328662380549537", "15679720276182520376945410714292412997", "141152124589176453288506205098061930334", "246737785037302775019817011442098805431", 
"78756227549662534952517429624561258677", "251550428120357882348308633648119859839", "202303586986471625394255087935303039721", "271235897206607028543813188087144545507", "223526870126027632439432625360445830342", "139951814573537234695126774454997740887", "267058383734237332922859436458166968931", "202576340071958069756797535636122245588", "70909405330826471031440387726399441095", "332158332620457767800862767900784421412", "68414940630129289539539619777728381417", "235116576139884488378851415498590481133", "292470970262080150798933166178470043753", "189925004653744718172348483616731788917", "323560684595722492430548038160577432513", "228443639801683400068418317493000031254", "168097954881892656432585855821080589311", "339134731456699809226340309250693011998", "154024866955303980882469702782594863712", "278486291018561097903641882131378421597", "53036489176203591809402218497897916283", "123381886784819736539552390917054292881", "60138025788199336099104187218678528414", "222327860289284432177816434312634872672", "154806837325594832904657928716104357503", "86146432523599520664676066216148492732", "235616253529944837152881385129492780169", "331030870204256886293795851646657392605" ], "threshold": 0.9 }, "id": "CVE-2023-45896-f2f0280c" } ] }