Linux Kernel ksmbd Component Lock Handling Vulnerability

Vulnerability

A vulnerability in the Linux kernel's ksmbd component has been addressed. The issue arose in the SMB2 lock handling, where the lock count could incorrectly reflect an old value if it was greater than one. This misalignment could trigger a bug-on trap during error handling, as the flags were not properly synchronized with the smb_lock status.

Impact

The vulnerability could lead to improper lock management, causing error handling routines to malfunction by freeing locks that were not correctly accounted for.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ksmbd Component Lock Handling Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating