Lucene search
Quentin Minster (@thalium_team)ZDI-23-695HistoryMay 17, 2023 - 12:00 a.m.
Linux Kernel ksmbd Session Setup Memory Exhaustion Denial-of-Service Vulnerability
2023-05-1700:00:00
Quentin Minster (@thalium_team)
www.zerodayinitiative.com
13
vulnerability
remote attackers
denial-of-service
linux kernel
ksmbd
smb2_session_setup
resource consumption
0.004 Low
EPSS
Percentile
74.5%
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable. The specific flaw exists within the handling of SMB2_SESSION_SETUP commands. The issue results from the lack of control of resource consumption. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
Related
redhatcve
redhatcve
CVE-2023-32247
2023-07-05 12:48:27
cbl_mariner
cbl_mariner
cve
cve
CVE-2023-32247
2023-07-24 16:15:11
debiancve
debiancve
CVE-2023-32247
2023-07-24 16:15:11
nvd
nvd
CVE-2023-32247
2023-07-24 16:15:11
ubuntucve
ubuntucve
CVE-2023-32247
2023-07-24 00:00:00
cvelist
cvelist
prion
prion
Design/Logic Flaw
2023-07-24 16:15:00
nessus
nessus
osv
osv
linux-raspi vulnerabilities
2024-03-21 13:01:27
linux-oracle, linux-oracle-5.15 vulnerabilities
2024-03-25 23:24:11
openvas
openvas
Ubuntu: Security Advisory (USN-6704-2)
2024-03-22 00:00:00
Ubuntu: Security Advisory (USN-6704-3)
2024-03-26 00:00:00
Ubuntu: Security Advisory (USN-6704-1)
2024-03-21 00:00:00
ubuntu
ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
2024-03-21 00:00:00
Linux kernel (Oracle) vulnerabilities
2024-03-25 00:00:00
Linux kernel vulnerabilities
2024-03-20 00:00:00
redos
redos
ROS-20230905-01
2023-09-04 00:00:00