CVE-2023-32246
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-32246
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-32246.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-32246
- Downstream
- Published
- 2025-08-16T14:15:26Z
- Modified
- 2025-09-03T16:57:35.749110Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: call rcubarrier() in ksmbdserver_exit()
racy issue is triggered the bug by racing between closing a connection and rmmod. In ksmbd, rcu_barrier() is not called at module unload time, so nothing prevents ksmbd from getting unloaded while it still has RCU callbacks pending. It leads to trigger unintended execution of kernel code locally and use to defeat protections such as Kernel Lockdown
- References
-
- https://git.kernel.org/stable/c/5a7090ccc242ab009ee7769e9d7fad6644dbe9bd
- https://git.kernel.org/stable/c/b80422474ffe44cb5e813cd6da1f1c6bc50fd9d2
- https://git.kernel.org/stable/c/c053e389db0d892e2ff5a60ec5e533b976503795
- https://git.kernel.org/stable/c/d4174505016a3b2996eb7ff1530dcabbf15d47b6
- https://git.kernel.org/stable/c/eb307d09fe15844fdaebeb8cc8c9b9e925430aa5
- https://security-tracker.debian.org/tracker/CVE-2023-32246
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source