Linux Kernel ksmbd Memory Leak Vulnerability Leading to Denial-of-Service

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's ksmbd component. The issue arises when a client sends a session setup request containing an unknown NTLMSSP message type. The flaw can lead to a denial-of-service condition through resource exhaustion, because the leaked memory is never released. The vulnerability affects all versions of the Linux kernel that include the ksmbd component.

Impact

Exploitation of this vulnerability causes a denial-of-service condition: the leaked memory is never released, which leads to resource exhaustion on the affected system.

Remediation

The Linux kernel project has released a patch for this vulnerability. The commit details can be found in the official Linux Git repository.
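
For hosts that cannot be patched immediately, the trigger condition described above can be watched for in captured session setup traffic. The following is an added detection example, not part of the original advisory or the kernel's code; the function names, the repeat threshold and the sample events are assumptions constructed for illustration.

```python
import struct

NTLMSSP_SIGNATURE = b"NTLMSSP\x00"
# Message types defined by the NTLM protocol; anything else is "unknown" here.
KNOWN_TYPES = {1: "negotiate", 2: "challenge", 3: "authenticate"}


def classify_blob(blob: bytes):
    """Classify one session setup security blob as (verdict, message_type)."""
    # The token may be raw NTLMSSP or wrapped in SPNEGO, so search for the signature.
    off = blob.find(NTLMSSP_SIGNATURE)
    if off < 0:
        return ("no-ntlmssp", None)
    type_off = off + len(NTLMSSP_SIGNATURE)
    if len(blob) < type_off + 4:
        return ("truncated", None)
    (msg_type,) = struct.unpack_from("<I", blob, type_off)  # 32-bit little-endian
    return (KNOWN_TYPES.get(msg_type, "unknown-type"), msg_type)


def flag_sources(events, threshold=3):
    """Sources with >= threshold unknown-type blobs (threshold is an assumed value)."""
    counts = {}
    for src, blob in events:
        if classify_blob(blob)[0] == "unknown-type":
            counts[src] = counts.get(src, 0) + 1
    return sorted(src for src, n in counts.items() if n >= threshold)


def sample_blob(msg_type: int, prefix: bytes = b"") -> bytes:
    """Build a constructed sample blob (header only, zero-padded body)."""
    return prefix + NTLMSSP_SIGNATURE + struct.pack("<I", msg_type) + b"\x00" * 24


# Constructed sample events: (source address, security blob). Not real traffic.
SAMPLE_EVENTS = [
    ("192.0.2.10", sample_blob(1)),
    ("192.0.2.10", sample_blob(3, prefix=b"\xa1\x82\x01\x00")),  # constructed wrapper bytes
    ("192.0.2.50", sample_blob(0x99)),
    ("192.0.2.50", sample_blob(0x99)),
    ("192.0.2.50", sample_blob(0)),
    ("192.0.2.77", b"NTLMSSP\x00\x04"),  # cut off before the type field ends
]

if __name__ == "__main__":
    for src, blob in SAMPLE_EVENTS:
        print(src, classify_blob(blob))
    print("flagged:", flag_sources(SAMPLE_EVENTS))
```

Feed `flag_sources` the security blobs extracted from packet captures or an SMB-aware sensor; a flagged source is a candidate for blocking at the network edge until the patched kernel is deployed.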

Added: Aug 2, 2025, 11:24 PM
Updated: Aug 2, 2025, 11:24 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.7
remediation: 7.7
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.