{"id":"CVE-2021-45100","details":"The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol specification. When Windows 10 detects this protocol violation, it disables encryption.","modified":"2026-03-20T04:14:02.199836Z","published":"2021-12-16T05:15:08.827Z","related":["MGASA-2022-0021","MGASA-2022-0022"],"references":[{"type":"ADVISORY","url":"https://github.com/cifsd-team/ksmbd/issues/550"},{"type":"ADVISORY","url":"https://marc.info/?l=linux-kernel&m=163961726017023&w=2"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220107-0001/"},{"type":"FIX","url":"https://github.com/cifsd-team/ksmbd/pull/551"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cifsd-team/ksmbd","events":[{"introduced":"0"},{"last_affected":"39d5ae81a07bc0caa81d2064d3653f54fd8da3b1"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.4.2"}]}}],"versions":["3.0.1","3.0.2","3.1.0","3.1.1","3.1.3","3.1.4","3.1.5","3.1.6","3.1.7","3.1.8","3.1.9","3.2.0","3.2.1","3.2.2","3.2.3","3.2.4","3.2.5","3.3.0","3.3.1","3.3.2","3.3.3","3.3.4","3.3.5","3.3.6","3.3.7","3.3.8","3.3.9","3.4.0","3.4.1","3.4.2","v2.0.2","v2.0.3","v2.0.4","v2.0.5","v2.0.6","v3.0.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-45100.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}