vulnerability
Debian: CVE-2023-5345: linux -- security update
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | 10/03/2023 | 07/30/2024 | 02/20/2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
10/03/2023
Added
07/30/2024
Modified
02/20/2025
Description
A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation.
In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free.
We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.
Solution
debian-upgrade-linux

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.