CVE-2021-45100
First published: Thu Dec 16 2021(Updated: )
The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol specification. When Windows 10 detects this protocol violation, it disables encryption.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ksmbd Project Ksmbd | <=3.4.2 | |
| Linux Linux kernel | <=5.15.8 | |
| Netapp H410c Firmware | ||
| Netapp H410c | ||
| Netapp H300s Firmware | ||
| Netapp H300s | ||
| Netapp H500s Firmware | ||
| Netapp H500s | ||
| Netapp H700s Firmware | ||
| Netapp H700s | ||
| Netapp H300e Firmware | ||
| Netapp H300e | ||
| Netapp H500e Firmware | ||
| Netapp H500e | ||
| Netapp H700e Firmware | ||
| Netapp H700e | ||
| Netapp H410s Firmware | ||
| Netapp H410s |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-45100?
CVE-2021-45100 is a vulnerability in the ksmbd server, used in the Linux kernel, that allows cleartext communication even when encryption is enabled.
What is the severity of CVE-2021-45100?
CVE-2021-45100 has a severity value of 7.5, which is considered high.
How does CVE-2021-45100 impact Linux systems?
CVE-2021-45100 affects Linux systems running the ksmbd server, potentially exposing cleartext communication even when encryption is enabled.
How can I fix CVE-2021-45100?
To fix CVE-2021-45100, it is recommended to update the ksmbd server to version 3.4.3 or later.
Where can I find more information about CVE-2021-45100?
More information about CVE-2021-45100 can be found in the references: [link1], [link2], [link3].
- agent/weakness
- agent/description
- agent/event
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ksmbd project
- canonical/ksmbd project ksmbd
- version/ksmbd project ksmbd/3.4.2
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/5.15.8
- vendor/netapp
- canonical/netapp h410c firmware
- canonical/netapp h410c
- canonical/netapp h300s firmware
- canonical/netapp h300s
- canonical/netapp h500s firmware
- canonical/netapp h500s
- canonical/netapp h700s firmware
- canonical/netapp h700s
- canonical/netapp h300e firmware
- canonical/netapp h300e
- canonical/netapp h500e firmware
- canonical/netapp h500e
- canonical/netapp h700e firmware
- canonical/netapp h700e
- canonical/netapp h410s firmware
- canonical/netapp h410s