Home
HIGH: 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:HDefault status
unaffected
Any version before 5.15.145
affected
6.0.0 (semvar) before 6.0.*
affected
6.1.0 (semvar) before 6.1.29
affected
6.2.0 (semvar) before 6.2.16
affected
6.3.0 (semvar) before 6.3.2
affected
Default status
unaffected
Default status
unaffected
Default status
unaffected
Default status
unaffected
Default status
unaffected
Default status
unaffected
Default status
unaffected
Default status
unaffected
Description
A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue.
Problem types
Race Condition During Access to Alternate Channel
Product status
Any version before 5.15.145
6.0.0 (semvar) before 6.0.*
6.1.0 (semvar) before 6.1.29
6.2.0 (semvar) before 6.2.16
6.3.0 (semvar) before 6.3.2
Timeline
| 2025-08-01: | Reported to Red Hat. |
| 2023-05-17: | Made public. |
References
access.redhat.com/security/cve/CVE-2023-32256
bugzilla.redhat.com/show_bug.cgi?id=2385885 (RHBZ#2385885)
git.kernel.org/...d=abcc506a9a71976a8b4c9bf3ee6efd13229c1e19
www.zerodayinitiative.com/advisories/ZDI-23-704/