CVE-2023-32253

A flaw was found in the Linux kernel's ksmbd component. A deadlock is triggered by sending multiple concurrent session setup requests, possibly leading to a denial of service.

CVSS v3 5.9 MEDIUM

5.9^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2023-32253
https://bugzilla.redhat.com/show_bug.cgi?id=2385886

Configurations

No configuration.

History

04 Aug 2025, 15:06

Type	Values Removed	Values Added
Summary		(es) Se detectó una falla en el componente ksmbd del kernel de Linux. El envío simultáneo de múltiples solicitudes de configuración de sesión provoca un bloqueo, lo que podría provocar una denegación de servicio.

02 Aug 2025, 23:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-02 23:15

Updated : 2025-08-04 15:06

NVD link : CVE-2023-32253

Mitre link : CVE-2023-32253

CVE.ORG link : CVE-2023-32253

JSON object : View

Products Affected

No product.

CWE

CWE-413

Improper Resource Locking

5.9 /10