Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol specification. When Windows 10 detects this protocol violation, it disables encryption.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ksmbd 安全漏洞
Vulnerability Description
ksmbd是由 Namjae Jeon 为 Linux 内核创建的开源内核 CIFS/SMB3 服务器。它是内核空间中 SMB/CIFS 协议的实现,用于通过网络共享文件和 IPC 服务。 ksmbd server 3.4.2及之前版本存在安全漏洞,该漏洞源于服务有时即使启用了加密也以明文进行通信。
CVSS Information
N/A
Vulnerability Type
N/A