CVE-2023-0210

Public Exploit

Description

A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.

Link	Tags
https://www.openwall.com/lists/oss-security/2023/01/04/1	mailing list third party advisory exploit
https://www.openwall.com/lists/oss-security/2023/01/11/1	third party advisory mailing list
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit	patch mailing list
https://securityonline.info/cve-2023-0210-flaw-in-linux-kernel-allows-unauthenticated-remote-dos-attacks/	third party advisory exploit
https://security.netapp.com/advisory/ntap-20230517-0002/	third party advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=797805d81baa814f76cf7bdab35f86408a79d707	patch mailing list
https://github.com/cifsd-team/ksmbd/commit/8824b7af409f51f1316e92e9887c2fd48c0b26d6	patch

What is the severity of CVE-2023-0210?: CVE-2023-0210 has been scored as a high severity vulnerability.
How to fix CVE-2023-0210?: To fix CVE-2023-0210, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-0210 being actively exploited in the wild?: It is possible that CVE-2023-0210 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-0210?: CVE-2023-0210 affects n/a Linux Kernel.