CVE-2023-2593
- Source
- https://cve.org/CVERecord?id=CVE-2023-2593
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-2593.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-2593
- Downstream
- Published
- 2025-07-30T15:15:53.952Z
- Modified
- 2026-05-08T04:51:10.191641Z
- Severity
-
- 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Kernel: ksmbd memory exhaustion denial-of-service vulnerability
- Details
-
A flaw exists within the Linux kernel's handling of new TCP connections. The issue results from the lack of memory release after its effective lifetime. This vulnerability allows an unauthenticated attacker to create a denial of service condition on the system.
- Database specific
{ "cwe_ids": [ "CWE-835" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/2xxx/CVE-2023-2593.json", "cna_assigner": "redhat" }- References
-
- https://access.redhat.com/downloads/content/package-browser/
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/
- https://lore.kernel.org/lkml/CAH2r5msyEy20e=FBx6wPWWc3kXzNR4b+zHshSqidRdFKVf_7Jg@mail.gmail.com/
- https://access.redhat.com/security/cve/CVE-2023-2593
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/2xxx/CVE-2023-2593.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-2593
- https://bugzilla.redhat.com/show_bug.cgi?id=2384787
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedb7bfaa761d760e72a969d116517eaa12e404c262
- Database specific
{ "source": "AFFECTED_FIELD", "extracted_events": [ { "introduced": "0" }, { "fixed": "6.2-rc3" } ] }