10 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-32257
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2SESSIONSETUP and...
Ubuntu: Security Advisory (USN-6626-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6628-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6628-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6628-1: Linux kernel (Intel IoTG) vulnerabilities
Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...
Ubuntu: Security Advisory (USN-6626-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-32257 affecting package hyperv-daemons for versions less than 5.15.145.2-1
CVE-2023-32257 affecting package hyperv-daemons for versions less than 5.15.145.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-32257 affecting package kernel for versions less than 5.15.135.1-2
CVE-2023-32257 affecting package kernel for versions less than 5.15.135.1-2. A patched version of the package is available...
CVE-2023-32257 Session race condition remote code execution vulnerability
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage th...
CVE-2023-32257
CVE-2023-32257 affects the Linux kernel ksmbd (the in-kernel SMB server). The vulnerability stems from lack of proper locking when processing SMB2_SESSION_SETUP and SMB2_LOGOFF, enabling an attacker to execute code in the kernel context. The initial description documents the root cause and impact...