We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
A flaw was found within the handling of SMB2_READ commands in the kernel ksmbd module. The issue results from not releasing memory after its effective lifetime. An attacker can leverage this to create a denial-of-service condition on affected installations of Linux. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable.
Reserved 2023-07-25 | Published 2024-11-18 | Updated 2024-11-18 | Assigner fedoraUncontrolled Resource Consumption
2023-07-24: | Reported to Red Hat. |
2024-06-10: | Made public. |
access.redhat.com/security/cve/CVE-2023-39180
bugzilla.redhat.com/show_bug.cgi?id=2326531 (RHBZ#2326531)
www.zerodayinitiative.com/advisories/ZDI-24-589/
Support options