CVE-2023-32258

🗓️ 24 Jul 2023 15:19:26Reported by redhatType

Flaw in Linux kernel's ksmbd, allows code execution

Reporter	Title	Published	Views	Family All 109
ATTACKERKB	CVE-2023-32258	24 Jul 202316:15	–	attackerkb
AstraLinux	Astra Linux - уязвимость в linux-5.15	20 May 202605:53	–	astralinux
CBLMariner	CVE-2023-32258 affecting package hyperv-daemons for versions less than 5.15.145.2-1	19 Jan 202403:54	–	cbl_mariner
CBLMariner	CVE-2023-32258 affecting package kernel for versions less than 5.15.135.1-2	8 Nov 202302:07	–	cbl_mariner
Circl	CVE-2023-32258	27 Jul 202303:58	–	circl
CNNVD	Linux kernel 安全漏洞	24 Jul 202300:00	–	cnnvd
Cvelist	CVE-2023-32258 Session race condition remote code execution vulnerability	24 Jul 202315:19	–	cvelist
Debian CVE	CVE-2023-32258	24 Jul 202315:19	–	debiancve
EUVD	EUVD-2023-36515	3 Oct 202520:07	–	euvd
Microsoft CVE	Session race condition remote code execution vulnerability	31 Jul 202307:00	–	mscve

NVD

Node

linux linux_kernelRange5.15–5.15.145

linux linux_kernelRange5.16–6.1.29

linux linux_kernelRange6.2–6.2.16

linux linux_kernelRange6.3–6.3.2

Node

netapp h300sMatch-

netapp h410sMatch-

netapp h500sMatch-

netapp h700sMatch-

[
  {
    "product": "kernel",
    "vendor": "n/a",
    "versions": [
      {
        "version": "6.4-rc1",
        "status": "unaffected"
      }
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "product": "Fedora",
    "vendor": "Fedora",
    "collectionURL": "https://packages.fedoraproject.org/",
    "packageName": "kernel",
    "defaultStatus": "unaffected"
  }
]

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-CAN-20796/
security	www.security.netapp.com/advisory/ntap-20230915-0011/
access	www.access.redhat.com/security/cve/CVE-2023-32258
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

21 Nov 2024 08:02Current

8.6High risk

Vulners AI Score8.6

CVSS 3.18.1

EPSS0.00107

SSVC