CVE-2023-0210
HIGHLinux Kernel 5.15-5.15.87 - Heap-based Buffer Overflow in ksmbd NTLMv2 Authentication
Title source: llmDescription
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.
References (7)
Core 7
Core References
Mailing List, Patch
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit
Mailing List, Patch
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=797805d81baa814f76cf7bdab35f86408a79d707
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230517-0002/
Exploit, Third Party Advisory
https://securityonline.info/cve-2023-0210-flaw-in-linux-kernel-allows-unauthenticated-remote-dos-attacks/
Exploit, Mailing List, Third Party Advisory
https://www.openwall.com/lists/oss-security/2023/01/04/1
Mailing List, Third Party Advisory
https://www.openwall.com/lists/oss-security/2023/01/11/1
Scores
CVSS v3
7.5
EPSS
0.7174
EPSS Percentile
99.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-122
CWE-787
Status
published
Products (1)
linux/linux_kernel
5.15 - 5.15.87
Published
Mar 27, 2023
Tracked Since
Feb 18, 2026