Описание
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.
Ссылки
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- PatchThird Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- PatchThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Одно из
Одно из
EPSS
8.1 High
CVSS3
Дефекты
Связанные уязвимости
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.
Session race condition remote code execution vulnerability
A flaw was found in the Linux kernel's ksmbd, a high-performance in-ke ...
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.
EPSS
8.1 High
CVSS3