SecuritySpace - CVE-2021-45100

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2021-45100

Description: The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol specification. When Windows 10 detects this protocol violation, it disables encryption.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2021-45100
https://github.com/cifsd-team/ksmbd/issues/550
https://github.com/cifsd-team/ksmbd/pull/551
https://marc.info/?l=linux-kernel&m=163961726017023&w=2

CVE ID:	CVE-2021-45100
Description:	The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol specification. When Windows 10 detects this protocol violation, it disables encryption.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2021-45100 https://github.com/cifsd-team/ksmbd/issues/550 https://github.com/cifsd-team/ksmbd/pull/551 https://marc.info/?l=linux-kernel&m=163961726017023&w=2