Rewterz Threat Alert – AsyncRAT – Active IOCs
May 30, 2023
Rewterz Threat Alert – Threat Actors Weaponizing .ZIP Domains To Trick Victims
May 30, 2023
Severity
High
Analysis Summary
CVE-2023-32257 CVSS:8.1
Linux Kernel could allow a remote attacker to execute arbitrary code on the system, caused by a race condition in the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of the kernel.
CVE-2023-32256 CVSS:7.5
Linux Kernel could allow a remote attacker to obtain sensitive information, caused by a race condition during the processing of SMB2_QUERY_INFO and SMB2_LOGOFF commands. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition.
CVE-2023-32255 CVSS:5.3
Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the handling of SMB2_SESSION_SETUP commands. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2023-32254 CVSS:9.8
Linux Kernel could allow a remote attacker to execute arbitrary code on the system, caused by a race condition in the processing of SMB2_TREE_DISCONNECT commands. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of the kernel.
Impact
- Code Execution
- Information Disclosure
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2023-32257
- CVE-2023-32256
- CVE-2023-32255
- CVE-2023-32254
Affected Vendors
Linux
Affected Products
- Linux Kernel
Remediation
Refer to the Linux Kernel Git repository for patch, upgrade, or suggested workaround information.