5.5

CVE-2023-32246

EPSS 0.07%
Veröffentlicht 16.08.2025 13:22:09
Zuletzt bearbeitet 18.11.2025 18:10:46
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

ksmbd: call rcu_barrier() in ksmbd_server_exit()

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: call rcu_barrier() in ksmbd_server_exit()

racy issue is triggered the bug by racing between closing a connection
and rmmod. In ksmbd, rcu_barrier() is not called at module unload time,
so nothing prevents ksmbd from getting unloaded while it still has RCU
callbacks pending. It leads to trigger unintended execution of kernel
code locally and use to defeat protections such as Kernel Lockdown

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

NVD 4 VulnDex Vulnerability Enrichment 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.15 < 5.15.111

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.28

Linux ≫ Linux Kernel Version >= 6.2 < 6.2.15

Linux ≫ Linux Kernel Version >= 6.3 < 6.3.2

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.204

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/c053e389db0d892e2ff5a60ec5e533b976503795

Patch

https://git.kernel.org/stable/c/b80422474ffe44cb5e813cd6da1f1c6bc50fd9d2

Patch

https://git.kernel.org/stable/c/d4174505016a3b2996eb7ff1530dcabbf15d47b6

Patch

https://git.kernel.org/stable/c/5a7090ccc242ab009ee7769e9d7fad6644dbe9bd

Patch

https://git.kernel.org/stable/c/eb307d09fe15844fdaebeb8cc8c9b9e925430aa5

Patch

https://nvd.nist.gov/vuln/detail/CVE-2023-32246

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-32246

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-32246

EUVD