Linux Kernel CIFS Oops Vulnerability in SMB Connection Handling

Vulnerability

A vulnerability in the Linux kernel's CIFS (Common Internet File System) implementation has been addressed. The issue was caused by an uncleared pointer in the server's SMB connection management, which could lead to a kernel oops (a type of error). The vulnerability arose during the reconnection process, where the pointer was not properly cleared after the associated connection structure was freed. This oversight could cause confusion in the reconnection logic.

Impact

The vulnerability could lead to a kernel oops, causing a disruption in system operations by introducing a critical error that the kernel cannot handle, potentially leading to a system crash or instability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel CIFS Oops Vulnerability in SMB Connection Handling

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating