CVE-2023-32251

A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the intended anti-brute-force protection, potentially allowing attackers to conduct dictionary attacks more efficiently against user credentials or other authentication mechanisms.

CVSS v3 3.7 LOW

3.7^/10

CVSS v3 : LOW

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2023-32251
https://bugzilla.redhat.com/show_bug.cgi?id=2385852
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b096d97f47326b1e2dbdef1c91fab69ffda54d17
https://www.zerodayinitiative.com/advisories/ZDI-23-699/

Configurations

No configuration.

History

No history.

Information

Published : 2025-07-31 21:15

Updated : 2025-11-21 06:15

NVD link : CVE-2023-32251

Mitre link : CVE-2023-32251

CVE.ORG link : CVE-2023-32251

JSON object : View

Products Affected

No product.

CWE

CWE-307

Improper Restriction of Excessive Authentication Attempts

{"id": "CVE-2023-32251", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.2}]}, "published": "2025-07-31T21:15:26.810", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-32251", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2385852", "source": "secalert@redhat.com"}, {"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b096d97f47326b1e2dbdef1c91fab69ffda54d17", "source": "secalert@redhat.com"}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-699/", "source": "secalert@redhat.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-307"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the intended anti-brute-force protection, potentially allowing attackers to conduct dictionary attacks more efficiently against user credentials or other authentication mechanisms."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en el componente ksmbd del kernel de Linux (servidor SMB/CIFS del kernel). Un control de seguridad dise\u00f1ado para prevenir ataques de diccionario, que introduce un retraso de 5 segundos durante la configuraci\u00f3n de la sesi\u00f3n, puede eludirse mediante solicitudes as\u00edncronas. Esta elusi\u00f3n invalida la protecci\u00f3n anti-fuerza bruta prevista, lo que podr\u00eda permitir a los atacantes realizar ataques de diccionario de forma m\u00e1s eficiente contra las credenciales de usuario u otros mecanismos de autenticaci\u00f3n."}], "lastModified": "2025-11-21T06:15:46.710", "sourceIdentifier": "secalert@redhat.com"}