{"id":"CVE-2021-45100","details":"The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol specification. When Windows 10 detects this protocol violation, it disables encryption.","modified":"2026-04-16T04:42:29.883618927Z","published":"2021-12-16T05:15:08.827Z","references":[{"type":"ADVISORY","url":"https://github.com/cifsd-team/ksmbd/issues/550"},{"type":"ADVISORY","url":"https://marc.info/?l=linux-kernel&m=163961726017023&w=2"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220107-0001/"},{"type":"FIX","url":"https://github.com/cifsd-team/ksmbd/pull/551"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cifsd-team/ksmbd","events":[{"introduced":"0"},{"last_affected":"39d5ae81a07bc0caa81d2064d3653f54fd8da3b1"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.4.2"}]}}],"versions":["3.3.5","3.3.6","3.3.7","3.3.8","3.3.9","3.4.0","3.4.1","3.4.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-45100.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}