Critical Linux Vulnerability Found to Impact SMB Servers

Dec 27, 2022

A Linux vulnerability with a CVSS score of 10 has been found to affect SMB servers and can lead to remote code execution.

A new flaw has been discovered in the processing of SMB2_TREE_DISCONNECT commands, which can lead to remote code execution on servers with ksmbd enabled. KSMBD is an in-kernel SMB file server, mostly written by a team at Samsung Electronics, that was merged into the 5.15 kernel on August 29, 2021. This kernel server implements the SMB3 protocol in kernel space for sharing files over a network.

According to the Zero Day Initiative, “The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the kernel.”

This new vulnerability was discovered back in July 2022 but was only disclosed to the public on December 22, 2022. The good news is twofold: first, the vulnerability has been patched, and second, most are still using SMB and are not affected by this vulnerability. Even so, it’s critical that you apply the patch for kernel 5.15.
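To find out whether a given host falls into the "ksmbd enabled" group, the following added example (not code from the article or from the ksmbd project) checks the kernel release, the loaded modules, and the kernel build configuration. The function names are illustrative; it assumes the build option for ksmbd is `CONFIG_SMB_SERVER` and that the distribution ships its kernel config as `/boot/config-<release>`, which is not true everywhere.

```shell
#!/bin/sh
# Added example: ksmbd exposure triage. Function names are illustrative.

# Succeeds if kernel release $1 is 5.15 or later (ksmbd was merged in 5.15).
kernel_has_ksmbd() {
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%[!0-9]*}
    [ "$major" -gt 5 ] || { [ "$major" -eq 5 ] && [ "${minor:-0}" -ge 15 ]; }
}

# Prints loaded | builtin | available | absent.
# $1: file in /proc/modules format, $2: kernel build config file.
ksmbd_state() {
    if [ -r "$1" ] && grep -q '^ksmbd ' "$1"; then
        echo loaded; return 0
    fi
    cfg=""
    # Assumption: CONFIG_SMB_SERVER is the Kconfig symbol that builds ksmbd.
    [ -r "$2" ] && cfg=$(grep '^CONFIG_SMB_SERVER=' "$2" || true)
    case $cfg in
        *=y) echo builtin ;;
        *=m) echo available ;;
        *)   echo absent ;;
    esac
}

# $1: kernel release, $2: modules file, $3: config file.
triage() {
    if ! kernel_has_ksmbd "$1"; then
        echo "no-ksmbd: kernel $1 predates 5.15"; return 0
    fi
    case $(ksmbd_state "$2" "$3") in
        loaded|builtin) echo "ksmbd-active: confirm the kernel update with the fix is installed" ;;
        available)      echo "ksmbd-latent: module is built but not loaded" ;;
        *)              echo "no-ksmbd-seen: not loaded and not found in build config" ;;
    esac
}

# Run against the live host.
rel=$(uname -r)
triage "$rel" /proc/modules "/boot/config-$rel"
```

The script cannot tell whether a running kernel already carries the fix, because the article gives no fixed version numbers; a `ksmbd-active` result means the distribution's advisory has to be checked.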
