Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-32257

Опубликовано: 24 июл. 2023
Источник: nvd
CVSS3: 8.1
EPSS Низкий

Описание

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.15 (включая) до 5.15.145 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.16 (включая) до 6.1.29 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.2 (включая) до 6.2.16 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.3 (включая) до 6.3.2 (исключая)
Конфигурация 2

Одно из

cpe:2.3:a:netapp:solidfire_\&_hci_storage_node:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

EPSS

Процентиль: 26%
0.00084
Низкий

8.1 High

CVSS3

Дефекты

CWE-362
CWE-667

Связанные уязвимости

ubuntu логотип

CVE-2023-32257

CVSS3: 8.1
ubuntu
почти 2 года назад

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.

redhat логотип

CVE-2023-32257

CVSS3: 8.1
redhat
около 2 лет назад

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.

debian логотип

CVE-2023-32257

CVSS3: 8.1
debian
почти 2 года назад

A flaw was found in the Linux kernel's ksmbd, a high-performance in-ke ...

github логотип

GHSA-2rq6-85wg-96g4

CVSS3: 8.1
github
почти 2 года назад

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.

fstec логотип

BDU:2023-02742

CVSS3: 8.1
fstec
около 2 лет назад

Уязвимость модуля ksmbd ядра операционных систем Linux, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 26%
0.00084
Низкий

8.1 High

CVSS3

Дефекты

CWE-362
CWE-667