Linux Kernel ksmbd Dangling Pointer Vulnerability in Kerberos Authentication

Vulnerability

A vulnerability in the Linux kernel's ksmbd component has been identified, involving a dangling pointer in the Kerberos authentication process. The issue arises because the function 'krb_authenticate' frees the 'sess->user' pointer without resetting it to NULL. Subsequently, 'smb2_sess_setup' can access this freed memory, leading to potential undefined behavior. This vulnerability has been addressed in the Linux kernel.
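The free-without-clear pattern described above, as an added user-space model in C. This is not ksmbd source or the kernel fix; every `model_*` name, the pool allocator and the uid value are hypothetical stand-ins for `sess->user` and its lifetime.

```c
#include <stddef.h>
#include <stdio.h>
/* User-space model, not ksmbd code. A fixed pool stands in for the kernel
 * allocator so a stale pointer can be inspected without undefined behaviour. */
struct model_user { int in_use; int uid; };
struct model_session { struct model_user *user; };
static struct model_user pool[4];

static struct model_user *model_user_alloc(int uid)
{
    for (size_t i = 0; i < sizeof(pool) / sizeof(pool[0]); i++) {
        if (!pool[i].in_use) {
            pool[i] = (struct model_user){ .in_use = 1, .uid = uid };
            return &pool[i];
        }
    }
    return NULL;
}

static void model_user_free(struct model_user *u) { if (u) u->in_use = 0; }
/* Pattern described above: the object is released, the pointer is kept. */
static void model_release_buggy(struct model_session *s) { model_user_free(s->user); }

/* Hardened pattern: release and clear the pointer in the same step. */
static void model_release_fixed(struct model_session *s)
{
    model_user_free(s->user);
    s->user = NULL;
}

/* What a later session-setup step sees: 0 no user, 1 live user, -1 dangling. */
static int model_user_state(const struct model_session *s)
{
    return !s->user ? 0 : (s->user->in_use ? 1 : -1);
}

/* One authenticate-then-release cycle; returns the state seen afterwards. */
static int model_run(int fixed)
{
    struct model_session s = { model_user_alloc(1000) };
    if (fixed) model_release_fixed(&s); else model_release_buggy(&s);
    return model_user_state(&s);
}

int main(void)
{
    printf("buggy: %d, fixed: %d\n", model_run(0), model_run(1));
    return 0;
}
```

In the buggy path a plain NULL check on the session's user pointer still passes, which is why clearing the pointer at the point of release matters.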

Impact

Exploitation of this vulnerability could lead to access of freed memory, potentially causing undefined behavior or memory corruption.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 7.5
exploitability: 5.3
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.