CVE-2023-32257

{"id": "CVE-2023-32257", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2023-07-24T16:15:11.680", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-32257", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219806", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.netapp.com/advisory/ntap-20230915-0011/", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20596/", "tags": ["Patch", "Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-667"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-362"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en el ksmbd del kernel de Linux, un servidor SMB de alto rendimiento en el kernel. La falla espec\u00edfica existe dentro del procesamiento de comandos SMB2_SESSION_SETUP y SMB2_LOGOFF. El problema se debe a la falta de bloqueo adecuado al realizar operaciones en un objeto. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del kernel."}], "lastModified": "2023-12-22T17:06:02.047", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E233AD0-DABB-4668-93A7-DD0909B16CB9", "versionEndExcluding": "6.1.29", "versionStartIncluding": "5.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F92F7C8E-A977-4255-B1B6-D1908D8B408F", "versionEndExcluding": "6.2.16", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38F6F330-91A0-4675-8B90-6F950471A7CC", "versionEndExcluding": "6.3.2", "versionStartIncluding": "6.3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_storage_node:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D452B464-1200-4B72-9A89-42DC58486191"}, {"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43"}, {"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098"}, {"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9"}, {"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}