Sign In

CVE-2023-32257

ADVISORY - nist

Summary

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.

EPSS Score: 0.00084 (0.250)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-667

Improper Locking

ADVISORY - redhat

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-667

Improper Locking

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in