Unrated severityNVD Advisory· Published Oct 3, 2023· Updated Feb 27, 2025
Use-after-free in Linux kernel's fs/smb/client component
CVE-2023-5345
Description
A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation.
In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free.
We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.
Affected products
104- osv-coords103 versionspkg:deb/ubuntu/linux-azure@6.5.0-1009.9?arch=source&distro=manticpkg:deb/ubuntu/linux-gcp@6.5.0-1010.10?arch=source&distro=manticpkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.5pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP4pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP4-RT_Update_13&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-livepatch-SLE15-SP4-RT_Update_14&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-livepatch-SLE15-SP4-RT_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-livepatch-SLE15-SP4-RT_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_15&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_18&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_19&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_0&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_0&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP4pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP4pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP5pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP4pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP4pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP4pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP4pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP4pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5
< 6.5.0-1009.9+ 102 more
- (no CPE)range: < 6.5.0-1009.9
- (no CPE)range: < 6.5.0-1010.10
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.14.69.1
- (no CPE)range: < 5.14.21-150500.33.20.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.24.92.1.150400.24.42.1
- (no CPE)range: < 5.14.21-150500.55.31.1.150500.6.13.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150500.13.21.1
- (no CPE)range: < 5.14.21-150500.13.21.1
- (no CPE)range: < 5.14.21-150400.14.69.1
- (no CPE)range: < 5.14.21-150500.33.20.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 6.5.6-1.1
- (no CPE)range: < 5.14.21-150500.13.21.1
- (no CPE)range: < 5.14.21-150400.14.69.1
- (no CPE)range: < 5.14.21-150500.33.20.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150500.13.21.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.14.69.1
- (no CPE)range: < 5.14.21-150500.33.20.1
- (no CPE)range: < 5.14.21-150400.24.92.1.150400.24.42.1
- (no CPE)range: < 5.14.21-150400.24.92.1.150400.24.42.1
- (no CPE)range: < 5.14.21-150500.55.31.1.150500.6.13.1
- (no CPE)range: < 5.14.21-150400.24.92.1.150400.24.42.1
- (no CPE)range: < 5.14.21-150500.55.31.1.150500.6.13.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 3-150400.2.1
- (no CPE)range: < 1-150400.1.3.1
- (no CPE)range: < 12-150400.2.2
- (no CPE)range: < 11-150400.2.2
- (no CPE)range: < 8-150400.2.1
- (no CPE)range: < 5-150400.2.1
- (no CPE)range: < 4-150400.2.1
- (no CPE)range: < 3-150400.2.1
- (no CPE)range: < 1-150400.9.3.1
- (no CPE)range: < 6-150500.15.1
- (no CPE)range: < 3-150500.2.1
- (no CPE)range: < 1-150500.11.3.1
- (no CPE)range: < 6-150500.15.1
- (no CPE)range: < 5-150500.2.1
- (no CPE)range: < 4-150500.2.1
- (no CPE)range: < 3-150500.2.1
- (no CPE)range: < 1-150500.11.3.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.15.56.1
- (no CPE)range: < 5.14.21-150500.13.21.1
- (no CPE)range: < 5.14.21-150400.15.56.1
- (no CPE)range: < 5.14.21-150400.15.56.1
- (no CPE)range: < 5.14.21-150500.13.21.1
- (no CPE)range: < 5.14.21-150400.15.56.1
- (no CPE)range: < 5.14.21-150500.13.21.1
- (no CPE)range: < 5.14.21-150400.14.69.1
- (no CPE)range: < 5.14.21-150500.33.20.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.15.56.1
- (no CPE)range: < 5.14.21-150500.13.21.1
- (no CPE)range: < 5.14.21-150400.14.69.1
- (no CPE)range: < 5.14.21-150500.33.20.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
- (no CPE)range: < 5.14.21-150400.15.56.1
- (no CPE)range: < 5.14.21-150500.13.21.1
- (no CPE)range: < 5.14.21-150400.24.92.1
- (no CPE)range: < 5.14.21-150500.55.31.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/mitrepatch
- packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.htmlmitre
- kernel.dance/e6e43b8aa7cd3c3af686caf0c2e11819a886d705mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GISYSL3F6WIEVGHJGLC2MFNTUXHPTKQH/mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPMICQ2HVZO5UAM5KPXHAZKA2U3ZDOO6/mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/mitre
News mentions
0No linked articles in our index yet.