ZDI-25-100: Linux Kernel ksmbd Session Setup Race Condition Remote Code Execution Vulnerability
First published: Thu Feb 27 2025(Updated: )
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. However, only systems with ksmbd enabled are vulnerable. The specific flaw exists within the implementation of session setup. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | ||
| Linux Kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of ZDI-25-100?
ZDI-25-100 has a CVSS rating of 9.0, indicating a critical severity level.
How do I fix ZDI-25-100?
To fix ZDI-25-100, it is recommended to disable ksmbd on affected systems or apply the latest security patches provided by your Linux distribution.
Who is affected by ZDI-25-100?
Only installations of the Linux Kernel with ksmbd enabled are affected by ZDI-25-100.
Can ZDI-25-100 be exploited without authentication?
Yes, ZDI-25-100 can be exploited remotely without requiring authentication.
What type of attacks can ZDI-25-100 enable?
ZDI-25-100 allows remote attackers to execute arbitrary code on the affected installations.
- collector/zdi-published
- source/ZDI
- alias/ZDI-CAN-25737
- agent/first-publish-date
- agent/title
- agent/last-modified-date
- agent/source
- agent/type
- agent/references
- agent/severity
- agent/softwarecombine
- agent/description
- agent/event
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/zdi-advisory
- alias/ZDI-25-100
- vendor/linux
- canonical/linux kernel