CVE-2023-32249
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-16
Last updated on: 2025-11-18
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: not allow guest user on multichannel
This patch return STATUS_NOT_SUPPORTED if binding session is guest.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel's ksmbd component allowed guest users to bind sessions on multichannel, which was not intended. The fix prevents guest users from binding sessions on multichannel by returning STATUS_NOT_SUPPORTED if the session is a guest.
How can this vulnerability impact me? :
If exploited, this vulnerability could allow unauthorized guest users to establish multichannel sessions, potentially leading to unauthorized access or misuse of network resources.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70