Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-32247

Опубликовано: 04 мая 2023
Источник: redhat
CVSS3: 7.5
EPSS Низкий

Описание

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_SESSION_SETUP commands. The issue results from the lack of control of resource consumption. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

Отчет

No Red Hat products are affected by this flaw, as the ksmbd code is not included in any shipping kernel release.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-401
https://bugzilla.redhat.com/show_bug.cgi?id=2219803kernel: ksmbd: session setup memory exhaustion denial-of-service vulnerability

EPSS

Процентиль: 25%
0.00083
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-32247

CVSS3: 7.5
ubuntu
почти 2 года назад

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_SESSION_SETUP commands. The issue results from the lack of control of resource consumption. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

nvd логотип

CVE-2023-32247

CVSS3: 7.5
nvd
почти 2 года назад

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_SESSION_SETUP commands. The issue results from the lack of control of resource consumption. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

debian логотип

CVE-2023-32247

CVSS3: 7.5
debian
почти 2 года назад

A flaw was found in the Linux kernel's ksmbd, a high-performance in-ke ...

github логотип

GHSA-ph9g-g7m5-2pg5

CVSS3: 7.5
github
почти 2 года назад

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_SESSION_SETUP commands. The issue results from the lack of control of resource consumption. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

fstec логотип

BDU:2023-02750

CVSS3: 7.5
fstec
около 2 лет назад

Уязвимость модуля ksmbd ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 25%
0.00083
Низкий

7.5 High

CVSS3