CVE-2023-0210
Published 2023-03-27
CVE-2023-0210: A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.
Priority: P2 · 60 · high
CVSS 3.1: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS: 71.74% (99.3th percentile)
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 6.1.7-1 (bookworm) | linux 6.1.7-1 (bookworm) |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 6.1.7-1 | 6.1.7-1 |
| linux | linux_kernel | >= 0 < 6.1.7-1 | 6.1.7-1 |
| linux | linux_kernel | >= 0 < 6.1.7-1 | 6.1.7-1 |
| linux | linux_kernel | >= 0 < 5.15.0-69.76 | 5.15.0-69.76 |
| linux | linux_kernel | >= 5.15 < 5.15.87 | 5.15.87 |
| linux | linux_kernel | >= 5.16 < 6.0.19 | 6.0.19 |
| linux | linux_kernel | >= 6.1 < 6.1.5 | 6.1.5 |
Detection & IOCs
- The vulnerability targets the Linux kernel's ksmbd NTLMv2 authentication path; monitor for heap overflow conditions in ksmbd_decode_ntlmssp_auth_blob, which can cause immediate OS crash (remote DoS)
- Red Hat Enterprise Linux 6, 7, 8, and 9 kernels are NOT affected — ksmbd is not built in Red Hat kernel source
- Debian bookworm, forky, sid, and trixie are fixed in kernel version 6.1.7-1; bullseye is also resolved
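CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| osv | — | 8.8 | HIGH | — |
| vendor_debian | — | 7.5 | HIGH | — |
| vendor_redhat | — | 7.5 | HIGH | — |
| vendor_ubuntu | — | 6.3 | MEDIUM | — |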
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2023-05-22·CVSS 4.7
CVE-2023-23454 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that some AMD x86-64 processors with SMT enabled could
speculatively execute instructions using a return address from a sibling
thread. A local attacker could possibly use this to expose sensitive
information. (CVE-2022-27672)
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an out-of-bounds write vulnerability. A local attacker
could use this to cause a denial of service (system crash).
(CVE-2022-36280)
Zheng Wang discovered that the Intel i915 graphics driver in the Linux
kernel did not properly handle certain error conditions, leading to a
double-free. A local attacker could possibly use this to cause a denial of
service (
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2023-05-18·CVSS 4.7
CVE-2022-36280 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that some AMD x86-64 processors with SMT enabled could
speculatively execute instructions using a return address from a sibling
thread. A local attacker could possibly use this to expose sensitive
information. (CVE-2022-27672)
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an out-of-bounds write vulnerability. A local attacker
could use this to cause a denial of service (system crash).
(CVE-2022-36280)
Zheng Wang discovered that the Intel i915 graphics driver in the Linux
kernel did not properly handle certain error conditions, leading to a
double-free. A local attacker could possibly use this to cause a denial of
service (
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2023-05-16·CVSS 4.7
CVE-2023-0458 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that some AMD x86-64 processors with SMT enabled could
speculatively execute instructions using a return address from a sibling
thread. A local attacker could possibly use this to expose sensitive
information. (CVE-2022-27672)
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an out-of-bounds write vulnerability. A local attacker
could use this to cause a denial of service (system crash).
(CVE-2022-36280)
Zheng Wang discovered that the Intel i915 graphics driver in the Linux
kernel did not properly handle certain error conditions, leading to a
double-free. A local attacker could possibly use this to cause a denial of
service (
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities
vendor_ubuntu·2023-04-11·CVSS 5.8
CVE-2023-23454 [MEDIUM] Linux kernel (Intel IoTG) vulnerabilities
Title: Linux kernel (Intel IoTG) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the KVM VMX implementation in the Linux kernel did
not properly handle indirect branch prediction isolation between L1 and L2
VMs. An attacker in a guest VM could use this to expose sensitive
information from the host OS or other guest VMs. (CVE-2022-2196)
It was discovered that a use-after-free vulnerability existed in the SGI
GRU driver in the Linux kernel. A local attacker could possibly use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3424)
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an out-of-bounds write vulnerability. A local attacker
could use th
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2023-03-29·CVSS 5.8
CVE-2023-0210 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the KVM VMX implementation in the Linux kernel did
not properly handle indirect branch prediction isolation between L1 and L2
VMs. An attacker in a guest VM could use this to expose sensitive
information from the host OS or other guest VMs. (CVE-2022-2196)
It was discovered that a use-after-free vulnerability existed in the SGI
GRU driver in the Linux kernel. A local attacker could possibly use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3424)
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an out-of-bounds write vulnerability. A local attacker
could use this to cause a
Ubuntu
Linux kernel (OEM) vulnerabilities
vendor_ubuntu·2023-03-03·CVSS 6.3
CVE-2022-4379 [MEDIUM] Linux kernel (OEM) vulnerabilities
Title: Linux kernel (OEM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the Upper Level Protocol (ULP) subsystem in the
Linux kernel did not properly handle sockets entering the LISTEN state in
certain protocols, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-0461)
Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel
did not properly handle VLAN headers in some situations. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-0179)
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained a
Red Hat
Kernel: Heap overflow in ksmbd_decode_ntlmssp_auth_blob cause remote DOS
vendor_redhat·2023-01-10·CVSS 7.5
CVE-2023-0210 [HIGH] CWE-122 Kernel: Heap overflow in ksmbd_decode_ntlmssp_auth_blob cause remote DOS
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.
Statement: No shipped kernel version was seen to be affected by this problem. These files are not built in our source code.
Package: kernel (Red Hat Enterprise Linux 6) - Not affected
Package: kernel (Red Hat Enterprise Linux 7) - Not affected
Package: kernel-rt (Red Hat Enterprise Linux 7) - Not affected
Package: kernel (Red Hat Enterprise Linux 8) - Not affected
Package: kernel-rt (Red Hat Enterprise Linux 8) - Not affected
Package: kernel (Red Hat Enterprise Linux 9) - Not affected
Package: kernel-rt (Red Hat Enterprise Linux 9) - Not affected
Debian
CVE-2023-0210: linux - A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to cra...
vendor_debian·2023·CVSS 7.5
CVE-2023-0210 [HIGH] CVE-2023-0210: linux - A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to cra...
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.
Scope: local
bookworm: resolved (fixed in 6.1.7-1)
bullseye: resolved
forky: resolved (fixed in 6.1.7-1)
sid: resolved (fixed in 6.1.7-1)
trixie: resolved (fixed in 6.1.7-1)
GHSA
GHSA-mw67-65x5-h28p: A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems
ghsa_unreviewed·2023-07-06
CVE-2023-0210 [HIGH] CWE-122 GHSA-mw67-65x5-h28p: A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.
OSV
linux-gcp, linux-hwe-5.19 vulnerabilities
osv·2023-05-22·CVSS 4.7
CVE-2022-27672 [MEDIUM] linux-gcp, linux-hwe-5.19 vulnerabilities
It was discovered that some AMD x86-64 processors with SMT enabled could
speculatively execute instructions using a return address from a sibling
thread. A local attacker could possibly use this to expose sensitive
information. (CVE-2022-27672)
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an out-of-bounds write vulnerability. A local attacker
could use this to cause a denial of service (system crash).
(CVE-2022-36280)
Zheng Wang discovered that the Intel i915 graphics driver in the Linux
kernel did not properly handle certain error conditions, leading to a
double-free. A local attacker could possibly use this to cause a denial of
service (system crash). (CVE-2022-3707)
Haowei Yan discovered that a
OSV
linux, linux-aws, linux-azure, linux-azure-5.19, linux-kvm, linux-lowlatency, linux-raspi vulnerabilities
osv·2023-05-16·CVSS 4.7
CVE-2022-27672 [MEDIUM] linux, linux-aws, linux-azure, linux-azure-5.19, linux-kvm, linux-lowlatency, linux-raspi vulnerabilities
It was discovered that some AMD x86-64 processors with SMT enabled could
speculatively execute instructions using a return address from a sibling
thread. A local attacker could possibly use this to expose sensitive
information. (CVE-2022-27672)
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an out-of-bounds write vulnerability. A local attacker
could use this to cause a denial of service (system crash).
(CVE-2022-36280)
Zheng Wang discovered that the Intel i915 graphics driver in the Linux
kernel did not properly handle certain error conditions, leading to a
double-free. A local attacker could possibly use this to cause a denial of
servi
OSV
linux-intel-iotg vulnerabilities
osv·2023-04-11·CVSS 8.8
CVE-2022-2196 [HIGH] linux-intel-iotg vulnerabilities
It was discovered that the KVM VMX implementation in the Linux kernel did
not properly handle indirect branch prediction isolation between L1 and L2
VMs. An attacker in a guest VM could use this to expose sensitive
information from the host OS or other guest VMs. (CVE-2022-2196)
It was discovered that a use-after-free vulnerability existed in the SGI
GRU driver in the Linux kernel. A local attacker could possibly use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3424)
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an out-of-bounds write vulnerability. A local attacker
could use this to cause a denial of service (system crash).
(CVE-2022-36280)
Hyunwoo Kim disc
OSV
linux-gke, linux-gke-5.15, linux-ibm, linux-kvm vulnerabilities
osv·2023-03-29·CVSS 8.8
CVE-2022-2196 [HIGH] linux-gke, linux-gke-5.15, linux-ibm, linux-kvm vulnerabilities
It was discovered that the KVM VMX implementation in the Linux kernel did
not properly handle indirect branch prediction isolation between L1 and L2
VMs. An attacker in a guest VM could use this to expose sensitive
information from the host OS or other guest VMs. (CVE-2022-2196)
It was discovered that a use-after-free vulnerability existed in the SGI
GRU driver in the Linux kernel. A local attacker could possibly use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3424)
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an out-of-bounds write vulnerability. A local attacker
could use this to cause a denial of service (system crash).
(CV
OSV
linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-hwe-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, lin
osv·2023-03-28·CVSS 8.8
[HIGH] linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-hwe-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, lin
linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-hwe-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities
It was discovered that the KVM VMX implementation in the Linux kernel did
not properly handle indirect branch prediction isolation between L1 and L2
VMs. An attacker in a guest VM could use this to expose sensitive
information from the host OS or other guest VMs. (CVE-2022-2196)
It was discovered that a use-after-free vulnerability existed in the SGI
GRU driver in the Linux kernel. A local attacker could possibly use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3424)
Ziming Zhang discovered that th
OSV
CVE-2023-0210: A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems
osv·2023-03-27·CVSS 7.5
CVE-2023-0210 [HIGH] CVE-2023-0210: A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.
OSV
linux-oem-6.1 vulnerabilities
osv·2023-03-03·CVSS 5.5
CVE-2023-0461 [MEDIUM] linux-oem-6.1 vulnerabilities
It was discovered that the Upper Level Protocol (ULP) subsystem in the
Linux kernel did not properly handle sockets entering the LISTEN state in
certain protocols, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-0461)
Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel
did not properly handle VLAN headers in some situations. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-0179)
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an out-of-bounds write vulnerability. A local attacker
could use this to cause
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=797805d81baa814f76cf7bdab35f86408a79d707
- https://github.com/cifsd-team/ksmbd/commit/8824b7af409f51f1316e92e9887c2fd48c0b26d6
- https://security.netapp.com/advisory/ntap-20230517-0002/
- https://securityonline.info/cve-2023-0210-flaw-in-linux-kernel-allows-unauthenticated-remote-dos-attacks/
- https://www.openwall.com/lists/oss-security/2023/01/04/1
- https://www.openwall.com/lists/oss-security/2023/01/11/1
2023-03-27
Published