CVE-2023-32252

CVSS v3.1 7.5 (High)

EPSS 0.89 % (83^th)

Affected Products 11

Advisories 8

NVD Status Analyzed

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_LOGOFF commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

Weaknesses

CWE-476: NULL Pointer Dereference

CVE Status: PUBLISHED
NVD Status: Analyzed
CNA: Red Hat, Inc.
Published Date: 2023-07-24 16:15:11
(14 months ago)
Updated Date: 2024-08-27 19:36:38
(2 weeks ago)

Affected Products

Linux

Linux Kernel

Netapp

Configuration #1

	CPE23	From	Up To
Linux Kernel from 5.15 version and prior 5.15.145 version	cpe:2.3:o:linux:linux_kernel	>= 5.15	< 5.15.145
Linux Kernel from 5.16 version and prior 6.1.29 version	cpe:2.3:o:linux:linux_kernel	>= 5.16	< 6.1.29
Linux Kernel from 6.2 version and prior 6.2.16 version	cpe:2.3:o:linux:linux_kernel	>= 6.2	< 6.2.16
Linux Kernel from 6.3 version and prior 6.3.2 version	cpe:2.3:o:linux:linux_kernel	>= 6.3	< 6.3.2

Configuration #2

AND

		CPE23
OR
	Netapp H300s	cpe:2.3:h:netapp:h300s:-
OR
	Running on/with
	Netapp H300s Firmware	cpe:2.3:o:netapp:h300s_firmware:-

Configuration #3

AND

		CPE23
OR
	Netapp H500s	cpe:2.3:h:netapp:h500s:-
OR
	Running on/with
	Netapp H500s Firmware	cpe:2.3:o:netapp:h500s_firmware:-

Configuration #4

AND

		CPE23
OR
	Netapp H700s	cpe:2.3:h:netapp:h700s:-
OR
	Running on/with
	Netapp H700s Firmware	cpe:2.3:o:netapp:h700s_firmware:-

Configuration #5

AND

		CPE23
OR
	Netapp H410s	cpe:2.3:h:netapp:h410s:-
OR
	Running on/with
	Netapp H410s Firmware	cpe:2.3:o:netapp:h410s_firmware:-

Configuration #6

AND

		CPE23
OR
	Netapp H410c	cpe:2.3:h:netapp:h410c:-
OR
	Running on/with
	Netapp H410c Firmware	cpe:2.3:o:netapp:h410c_firmware:-