
Description

A flaw was found in ksmbd, the Linux kernel's in-kernel SMB/CIFS server. ksmbd applies a 5-second delay during session setup as a control against dictionary (password-guessing) attacks. That delay can be sidestepped by issuing session setup requests asynchronously, that is, without waiting for the reply to an earlier attempt, so further guesses are processed while the delay from a previous failure is still pending. This defeats the intended anti-brute-force protection and allows an unauthenticated remote attacker to guess user credentials at a higher rate than the delay was meant to permit. The impact is limited to the confidentiality of guessed credentials, which is reflected in the Low severity rating below. The upstream kernel commit listed under References addresses the issue.
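The following toy model is an added example and is not ksmbd code; it simulates the design difference the advisory describes. Time is a simulated millisecond clock, the password, wordlist, and function names are assumptions made for the example, and the "5 seconds" is taken from the advisory. It runs both a synchronous client (waits for each reply) and an asynchronous client (fires the next guess without waiting) against two server shapes: one that only delays the reply to a failed attempt, and one that records a penalty window on the connection and refuses to evaluate guesses that arrive inside it.

```c
/* Toy model of a per-connection authentication throttle (added example; not ksmbd code).
 * Times are simulated milliseconds; no real sleeping or threads are involved. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define PENALTY_MS 5000            /* the 5-second delay the advisory describes */
#define SECRET     "correct horse" /* assumed password for the toy model */

struct conn {
    long blocked_until_ms; /* hardened variant only: end of the current penalty window */
    int  evaluated;        /* guesses that actually reached the password check */
    bool authenticated;
};

struct request  { long arrival_ms; const char *guess; };
struct response { long sent_ms; bool ok; };

static bool check_password(struct conn *c, const char *guess)
{
    c->evaluated++;
    return strcmp(guess, SECRET) == 0;
}

/* Vulnerable shape: every request is evaluated on arrival; a failure only delays
 * that request's own reply. Nothing stops the next request from being evaluated. */
static struct response setup_delayed_reply(struct conn *c, const struct request *r)
{
    struct response resp = { r->arrival_ms, false };
    if (check_password(c, r->guess)) {
        c->authenticated = true;
        resp.ok = true;
    } else {
        resp.sent_ms += PENALTY_MS;
    }
    return resp;
}

/* Hardened shape: the penalty is state on the connection, checked before the guess
 * is evaluated. Requests arriving inside the window are refused unevaluated and
 * answered only when the window ends, so the attempt rate is bounded no matter how
 * many requests are in flight. */
static struct response setup_penalty_window(struct conn *c, const struct request *r)
{
    struct response resp = { r->arrival_ms, false };
    if (c->authenticated || r->arrival_ms < c->blocked_until_ms) {
        /* refused; the guess is never checked */
        if (c->blocked_until_ms > resp.sent_ms)
            resp.sent_ms = c->blocked_until_ms;
        return resp;
    }
    if (check_password(c, r->guess)) {
        c->authenticated = true;
        resp.ok = true;
    } else {
        c->blocked_until_ms = r->arrival_ms + PENALTY_MS;
        resp.sent_ms = c->blocked_until_ms;
    }
    return resp;
}

typedef struct response (*setup_fn)(struct conn *, const struct request *);

/* success_ms is -1 when the attacker never authenticated */
struct result { int evaluated; long success_ms; };

/* Drive one dictionary attack over a single connection. A synchronous client waits
 * for each reply before sending the next guess; an asynchronous one sends the next
 * guess 1 ms later without waiting, which is the bypass the advisory describes. */
static struct result run_client(setup_fn setup, bool wait_for_reply,
                                const char *const *dict, int n)
{
    struct conn c = {0};
    struct result res = { 0, -1 };
    long clock_ms = 0;
    for (int i = 0; i < n; i++) {
        struct request req = { clock_ms, dict[i] };
        struct response resp = setup(&c, &req);
        if (resp.ok) { res.success_ms = resp.sent_ms; break; }
        clock_ms = wait_for_reply ? resp.sent_ms : clock_ms + 1;
    }
    res.evaluated = c.evaluated;
    return res;
}

/* Constructed wordlist; the real password is deliberately last. */
static const char *const DICT[] = {
    "password", "123456", "letmein", "qwerty", "admin", "welcome", "dragon", SECRET
};
#define DICT_LEN ((int)(sizeof DICT / sizeof DICT[0]))

int main(void)
{
    static const struct { const char *name; setup_fn fn; } servers[] = {
        { "delayed reply (vulnerable)", setup_delayed_reply },
        { "penalty window (hardened) ", setup_penalty_window },
    };
    for (int s = 0; s < 2; s++)
        for (int async = 0; async < 2; async++) {
            struct result r = run_client(servers[s].fn, !async, DICT, DICT_LEN);
            printf("%s, %s client: %d guesses evaluated, success at %ld ms\n",
                   servers[s].name, async ? "async" : "sync ", r.evaluated, r.success_ms);
        }
    return 0;
}
```

Against the delayed-reply server the asynchronous client gets the whole eight-word list evaluated and authenticates at 7 ms, while the synchronous client needs 35 s; the delay only costs attackers who wait for replies. Against the penalty-window server both clients are bounded to one evaluated guess per 5-second window, and the asynchronous burst gets exactly one guess checked. The practitioner's takeaway is that an anti-brute-force delay must be enforced as per-connection (or per-account) state consulted before the credential check, not as a sleep on the failing request's path.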

State: PUBLISHED | Reserved: 2023-05-05 | Published: 2025-07-31 | Updated: 2025-11-21 | Assigner: redhat

Severity

LOW, 3.7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

Problem types

Improper Restriction of Excessive Authentication Attempts (CWE-307)

Product status

Default status
unaffected

Any version before 5.15.145
affected

6.0.0 (semver) before 6.0.*
affected

6.1.0 (semver) before 6.1.29
affected

6.2.0 (semver) before 6.2.16
affected

6.3.0 (semver) before 6.3.2
affected


Timeline

2023-05-17: Made public.
2025-07-31: Reported to Red Hat.

References

Red Hat CVE page: access.redhat.com/security/cve/CVE-2023-32251 (vdb-entry)

Red Hat Bugzilla: bugzilla.redhat.com/show_bug.cgi?id=2385852 (RHBZ#2385852, issue-tracking)

Upstream kernel commit: git.kernel.org/...d=b096d97f47326b1e2dbdef1c91fab69ffda54d17

ZDI advisory: www.zerodayinitiative.com/advisories/ZDI-23-699/

cve.org (CVE-2023-32251)

nvd.nist.gov (CVE-2023-32251)
