CVE-2021-45100

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-45100

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-45100.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-45100

Downstream

UBUNTU-CVE-2021-45100

Related

Published

2021-12-16T05:15:08Z

Modified

2025-07-01T13:08:48.525815Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2GLOBALCAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol specification. When Windows 10 detects this protocol violation, it disables encryption.

References

Affected packages

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.15-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.15-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Git / github.com/cifsd-team/ksmbd

Affected ranges

Type: GIT
Repo: https://github.com/cifsd-team/ksmbd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

39d5ae81a07bc0caa81d2064d3653f54fd8da3b1

Affected versions

3.*

3.0.1

3.0.2

3.1.0

3.1.1

3.1.3

3.1.4

3.1.5

3.1.6

3.1.7

3.1.8

3.1.9

3.2.0

3.2.1

3.2.2

3.2.3

3.2.4

3.2.5

3.3.0

3.3.1

3.3.2

3.3.3

3.3.4

3.3.5

3.3.6

3.3.7

3.3.8

3.3.9

3.4.0

3.4.1

3.4.2

v2.*

v2.0.2

v2.0.3

v2.0.4

v2.0.5

v2.0.6

v3.*

v3.0.0