← voltar
CVE-2021-45100

CVE-2021-45100

EPSS 0.9%
The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol specification. When Windows 10 detects this protocol violation, it disables encryption.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/cifsd-team/ksmbd/issues/550https://github.com/cifsd-team/ksmbd/pull/551https://marc.info/?l=linux-kernel&m=163961726017023&w=2https://security.netapp.com/advisory/ntap-20220107-0001/