VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-a9qy-1tnf-aaam

Essentials
Severities (67)
References (30)
Severity details (4)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-a9qy-1tnf-aaam
Aliases	CVE-2023-34967
Summary	A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a caller may trigger a crash in talloc_get_size() when talloc detects that the passed-in pointer is not a valid talloc pointer. With an RPC worker process shared among multiple client connections, a malicious client or attacker can trigger a process crash in a shared RPC mdssvc worker process, affecting all other clients this worker serves.
Status	Published
Exploitability	0.5
Weighted Severity	4.8
Risk	2.4
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

System	Score	Found at
cvssv3	5.3	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34967.json
epss	0.02667	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.02667	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.02667	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.03142	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.11502	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.14576	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.14576	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.14576	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.14576	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.14576	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.14576	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.14576	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.14576	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.14576	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.16493	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.18572	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.27538	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.29443	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.29443	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.29443	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.29443	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.29443	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.29443	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.29443	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.29443	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.29443	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
epss	0.29443	https://api.first.org/data/v1/epss?cve=CVE-2023-34967
cvssv3.1	5.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-34967
cvssv3.1	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-34967

Reference id	Reference type	URL
		https://access.redhat.com/errata/RHSA-2023:6667
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34967.json
		https://access.redhat.com/security/cve/CVE-2023-34967
		https://api.first.org/data/v1/epss?cve=CVE-2023-34967
		https://bugzilla.redhat.com/show_bug.cgi?id=2222794
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/
		https://security.netapp.com/advisory/ntap-20230731-0010/
		https://www.debian.org/security/2023/dsa-5477
		https://www.samba.org/samba/security/CVE-2023-34967.html
cpe:2.3:a:samba:samba::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba::::::::
cpe:2.3:o:debian:debian_linux:11.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:::::::*
cpe:2.3:o:debian:debian_linux:12.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:12.0:::::::*
cpe:2.3:o:fedoraproject:fedora:37:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:::::::*
cpe:2.3:o:fedoraproject:fedora:38:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:::::::*
cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
CVE-2023-34967		https://nvd.nist.gov/vuln/detail/CVE-2023-34967
GLSA-202402-28		https://security.gentoo.org/glsa/202402-28
RHSA-2023:7139		https://access.redhat.com/errata/RHSA-2023:7139
RHSA-2024:0423		https://access.redhat.com/errata/RHSA-2024:0423
RHSA-2024:0580		https://access.redhat.com/errata/RHSA-2024:0580
USN-6238-1		https://usn.ubuntu.com/6238-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34967.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2023-34967

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2023-34967

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.90114
EPSS Score	0.02667
Published At	Dec. 17, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.