What is the vulnerability ID of this Linux Kernel vulnerability?

The vulnerability ID is ZDI-CAN-21355.

What is the severity of the ZDI-CAN-21355 vulnerability?

The severity of the ZDI-CAN-21355 vulnerability is high with a severity value of 7.2.

How can remote attackers exploit the ZDI-CAN-21355 vulnerability?

Remote attackers can exploit the ZDI-CAN-21355 vulnerability to disclose sensitive information on affected installations of Linux Kernel.

Is authentication required to exploit the ZDI-CAN-21355 vulnerability?

No, authentication is not required to exploit the ZDI-CAN-21355 vulnerability.

Which systems are vulnerable to the ZDI-CAN-21355 vulnerability?

Only systems with ksmbd enabled are vulnerable to the ZDI-CAN-21355 vulnerability.

Are there any references available for the ZDI-CAN-21355 vulnerability?

Yes, you can find references for the ZDI-CAN-21355 vulnerability at the following links: [http://www.zerodayinitiative.com/advisories/ZDI-23-981/](http://www.zerodayinitiative.com/advisories/ZDI-23-981/), [https://lore.kernel.org/all/20230624040141.16088-1-linkinjeon@kernel.org/](https://lore.kernel.org/all/20230624040141.16088-1-linkinjeon@kernel.org/), [https://www.zerodayinitiative.com/advisories/ZDI-23-981/](https://www.zerodayinitiative.com/advisories/ZDI-23-981/).

Vulnerability/
ZDI-CAN-21355

high

7.2

20/7/2023

16/1/2024

ZDI-CAN-21355: Linux Kernel ksmbd Session Setup Out-Of-Bounds Read Information Disclosure Vulnerability

First published: Thu Jul 20 2023(Updated: )

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. However, only systems with ksmbd enabled are vulnerable. The specific flaw exists within the handling of session setup commands. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel.

Affected Software	Affected Version	How to fix

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID of this Linux Kernel vulnerability?
The vulnerability ID is ZDI-CAN-21355.
What is the title of this Linux Kernel vulnerability?
The title of this vulnerability is ZDI-23-981: Linux Kernel ksmbd Session Setup Out-Of-Bounds Read Information Disclosure Vulnerability.
What is the severity of the ZDI-CAN-21355 vulnerability?
The severity of the ZDI-CAN-21355 vulnerability is high with a severity value of 7.2.
How can remote attackers exploit the ZDI-CAN-21355 vulnerability?
Remote attackers can exploit the ZDI-CAN-21355 vulnerability to disclose sensitive information on affected installations of Linux Kernel.
Is authentication required to exploit the ZDI-CAN-21355 vulnerability?
No, authentication is not required to exploit the ZDI-CAN-21355 vulnerability.
Which systems are vulnerable to the ZDI-CAN-21355 vulnerability?
Only systems with ksmbd enabled are vulnerable to the ZDI-CAN-21355 vulnerability.
Are there any references available for the ZDI-CAN-21355 vulnerability?
Yes, you can find references for the ZDI-CAN-21355 vulnerability at the following links: [http://www.zerodayinitiative.com/advisories/ZDI-23-981/](http://www.zerodayinitiative.com/advisories/ZDI-23-981/), [https://lore.kernel.org/all/20230624040141.16088-1-linkinjeon@kernel.org/](https://lore.kernel.org/all/20230624040141.16088-1-linkinjeon@kernel.org/), [https://www.zerodayinitiative.com/advisories/ZDI-23-981/](https://www.zerodayinitiative.com/advisories/ZDI-23-981/).

agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/title
collector/zdi-advisory
source/ZDI
alias/ZDI-23-981
alias/ZDI-CAN-21355
alias/CVE-2023-3867
agent/software-canonical-lookup
collector/zdi-published
vendor/linux
canonical/linux kernel