Linux Kernel ksmbd VFS Cache Race Condition Vulnerability

A race condition vulnerability has been identified in the Linux kernel's ksmbd component, specifically within the virtual file system (VFS) cache management. This vulnerability arises from inconsistent locking mechanisms when accessing the delete-on-close and pending-delete states maintained in the ksmbd_inode structure. Some functions properly use the ci->m_lock to synchronize access to the m_flags field, while others do not, leading to potential data races. This issue can occur when multiple threads concurrently open, close, and delete the same file, causing the delete-on-close and pending-delete indicators to be lost or misrepresented. As a result, files may remain on disk after being marked for deletion or disappear unexpectedly while still in use.

Impact

Exploitation of this vulnerability can disrupt file deletion processes, causing files to either persist on disk after being flagged for deletion or to vanish while they are still actively being used.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the patched version are available on the Linux Kernel Archive.