Redhat.comRH:CVE-2023-0210

HistoryJan 23, 2023 - 6:05 p.m.

CVE-2023-0210

2023-01-2318:05:29

redhat.com

access.redhat.com

cve-2023-0210

linux kernel

ksmbd

ntlmv2

authentication

crash

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.005

Percentile

76.0%

JSON

A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.

References

bugzilla.redhat.com/show_bug.cgi?id=2163499

nvd.nist.gov/vuln/detail/CVE-2023-0210

seclists.org/oss-sec/2023/q1/4

securityonline.info/cve-2023-0210-flaw-in-linux-kernel-allows-unauthenticated-remote-dos-attacks/

www.cve.org/CVERecord?id=CVE-2023-0210

www.spinics.net/lists/stable-commits/msg282893.html

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.005

Percentile

76.0%

JSON

Related for RH:CVE-2023-0210