Security Advisory

CVE-2017-15037

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-10-05 07:00:00

Last updated 2024-08-05 19:42:22

Assigner mitre

State PUBLISHED

Description

In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final 0 character.

← Browse all CVEs View on cve.org ↗