Linux Kernel ksmbd Use-After-Free Vulnerability

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's ksmbd component. The issue arises in the 'ksmbd_free_work_struct' where an 'interim_entry' of 'ksmbd_work' could be deleted after an oplock is freed. This vulnerability allows for improper management of linked list entries, as the interim request could be sent immediately when an oplock break wait is required.

Impact

Exploitation of this vulnerability could lead to a use-after-free condition, potentially allowing for memory corruption or arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ksmbd Use-After-Free Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating