CVE-2023-32255 Information

Aug 03, 2025 cve

Description

A flaw was found in the Linux kernel’s ksmbd component. A memory leak can occur if a client sends a session setup request with an unknown NTLMSSP message type potentially leading to resource exhaustion.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Reference

https://access.redhat.com/security/cve/CVE-2023-32255 https://bugzilla.redhat.com/show_bug.cgi?id=2385884 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6d7cb549c2ca20e1f07593f15e936fd54b763028 https://www.zerodayinitiative.com/advisories/ZDI-23-703/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

LOW

Base Severity

5.3

CNNVD-202508-156 (Published: 2025-08-02)

Share on:

CVE-2023-32255 Information

Description

CVSS Vector

Reference

Attack Complexity

Privileges Required

User Interaction Required

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Base Score

Base Severity

Related CNNVD