CVE-2023-2593 MEDIUM

CVE-2023-2593: Kernel: ksmbd memory exhaustion denial-of-service vulnerability

Vendor Red Hat
Product Red Hat Enterprise Linux 10
Weakness CWE-835
Published July 30, 2025
Last update November 20, 2025
View on NVD All CVEs

CVSS base score

5.9/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

A flaw exists within the Linux kernel's handling of new TCP connections. The issue results from the lack of memory release after its effective lifetime. This vulnerability allows an unauthenticated attacker to create a denial of service condition on the system.

Key dates

02Disclosure timeline

July 30, 2025 CVE published
November 20, 2025 Record updated