Buffer overflow in Linux Kernel
CVE-2023-0210
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.
Vulnerability class: Buffer Overflow
EPSS: 0.717 (99.3th percentile) — read the EPSS interpretation.
Affected products
- N/a Linux Kernel — versions Kernel 6.2 RC4
Weakness classification (CWE)
Public proof-of-concept exploits
References
- www.openwall.com/lists/oss-security/2023/01/04/1
- www.openwall.com/lists/oss-security/2023/01/11/1
- git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit
- securityonline.info/cve-2023-0210-flaw-in-linux-kernel-allows-unauthenticated-r…
- security.netapp.com/advisory/ntap-20230517-0002/
- git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/
- github.com/cifsd-team/ksmbd/commit/8824b7af409f51f1316e92e9887c2fd48c0b26d6
Frequently asked questions
- What is CVE-2023-0210?
- CVE-2023-0210 is a vulnerability in Linux Kernel, classified under Heap-based Buffer Overflow. Published 2023-03-27.
- Is CVE-2023-0210 known to be exploited?
- 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.