Login Sign Up

CVE-2023-52755

8.4 HIGH
Denial of Service

📋 TL;DR

This vulnerability in the Linux kernel's ksmbd SMB server allows attackers to write beyond allocated memory boundaries in the smb_inherit_dacl() function. It affects systems running vulnerable Linux kernel versions with ksmbd enabled, potentially leading to system crashes or arbitrary code execution.

💻 Affected Systems

Products:
  • Linux kernel with ksmbd module
Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions with vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if ksmbd (SMB server) module is loaded and enabled

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with kernel privileges leading to complete system compromise

🟠

Likely Case

Kernel panic causing system crash and denial of service

🟢

If Mitigated

No impact if ksmbd is disabled or systems are patched

🌐 Internet-Facing: MEDIUM - Requires ksmbd service to be exposed and accessible
🏢 Internal Only: MEDIUM - Internal attackers could exploit if ksmbd is enabled

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires access to SMB services and knowledge of triggering the vulnerable code path

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel with commits 09d9d8b40a33, 712e01f32e57, 8387c94d73ec, aaf0a07d6088, or eebff19acaa3

Vendor Advisory: https://git.kernel.org/stable/c/09d9d8b40a3338193619c14ed4dc040f4f119e70

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution. 2. Reboot system to load new kernel. 3. Verify ksmbd module loads correctly if needed.

🔧 Temporary Workarounds

Disable ksmbd module

linux

Prevent loading of vulnerable ksmbd SMB server module

echo 'blacklist ksmbd' >> /etc/modprobe.d/blacklist-ksmbd.conf
rmmod ksmbd

Restrict SMB access

linux

Limit network access to ksmbd service using firewall rules

iptables -A INPUT -p tcp --dport 445 -j DROP
iptables -A INPUT -p tcp --dport 139 -j DROP

🧯 If You Can't Patch

  • Disable ksmbd module completely
  • Implement strict network segmentation to isolate SMB services

🔍 How to Verify

Check if Vulnerable:

Check if ksmbd module is loaded: lsmod | grep ksmbd. If loaded, check kernel version against patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits and ksmbd module loads without errors

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • ksmbd crash logs
  • Out of bounds memory access errors in dmesg

Network Indicators:

  • Unusual SMB traffic patterns to ksmbd service
  • Multiple connection attempts to SMB ports

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "general protection fault") AND process="ksmbd"

📊 Metadata

CVE ID: CVE-2023-52755
CVSS v3 Score: 8.4 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-787
Published: May 21, 2024
Last Updated: April 2, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-52755, you might also want to check these:

CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2025-24201 10.0

This critical vulnerability allows malicious web content to break out of the Web Content sandbox via...

Same vulnerability type (CWE-787)
CVE-2020-14871 10.0

This is a critical buffer overflow vulnerability (CWE-787) in Oracle Solaris's Pluggable Authenticat...

Same vulnerability type (CWE-787)