Rewterz Threat Advisory – Multiple Linux Kernel Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-32257 CVSS:8.1

Linux Kernel could allow a remote attacker to execute arbitrary code on the system, caused by a race condition in the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of the kernel.

CVE-2023-32256 CVSS:7.5

Linux Kernel could allow a remote attacker to obtain sensitive information, caused by a race condition during the processing of SMB2_QUERY_INFO and SMB2_LOGOFF commands. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition.

CVE-2023-32255 CVSS:5.3

Linux Kernel is vulnerable to a denial of service, caused by memory leak in the handling of SMB2_SESSION_SETUP commands. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2023-32254 CVSS:9.8

Linux Kernel could allow a remote attacker to execute arbitrary code on the system, caused by a race condition in the processing of SMB2_TREE_DISCONNECT commands. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of the kernel.

Impact

• Code Execution
• Information Disclosure
• Denial of Service

Indicators Of Compromise

CVE

• CVE-2023-32257
• CVE-2023-32256
• CVE-2023-32255
• CVE-2023-32254

Affected Vendors

Linux

Affected Products

• Linux Kernel

Remediation

Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information. 

CVE-2023-32257

CVE-2023-32256

CVE-2023-32255

CVE-2023-32254