The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol specification. When Windows 10 detects this protocol violation, it disables encryption. Reference: https://github.com/cifsd-team/ksmbd/issues/550 Upstream patches: https://github.com/cifsd-team/ksmbd/pull/551 https://marc.info/?l=linux-kernel&m=163961726017023&w=2
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2035346]
# CONFIG_SMB_SERVER is not set in the 5.15 kernel series for Fedora.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-45100