CVE-2023-32251

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-32251
A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the intended anti-brute-force protection, potentially allowing attackers to conduct dictionary attacks more efficiently against user credentials or other authentication mechanisms.

3.7 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b096d97f47326b1e2dbdef1c91fab69ffda54d17
https://www.zerodayinitiative.com/advisories/ZDI-23-699/
Configurations

No configuration.

History

04 Aug 2025, 15:06

Type Values Removed Values Added
Summary
  • (es) Se ha identificado una vulnerabilidad en el componente ksmbd del kernel de Linux (servidor SMB/CIFS del kernel). Un control de seguridad diseñado para prevenir ataques de diccionario, que introduce un retraso de 5 segundos durante la configuración de la sesión, puede eludirse mediante solicitudes asíncronas. Esta elusión invalida la protección anti-fuerza bruta prevista, lo que podría permitir a los atacantes realizar ataques de diccionario de forma más eficiente contra las credenciales de usuario u otros mecanismos de autenticación.

01 Aug 2025, 01:15

Type Values Removed Values Added
References
  • {'url': 'https://access.redhat.com/security/cve/CVE-2023-32251', 'source': 'secalert@redhat.com'}
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=2385852', 'source': 'secalert@redhat.com'}

31 Jul 2025, 21:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-07-31 21:15

Updated : 2025-08-04 15:06

NVD link : CVE-2023-32251

Mitre link : CVE-2023-32251

CVE.ORG link : CVE-2023-32251

JSON object : View

Products Affected

No product.

CWE
CWE-307

Improper Restriction of Excessive Authentication Attempts