ZDI-CAN-25737: ZDI-25-100: Linux Kernel ksmbd Session Setup Race Condition Remote Code Execution Vulnerability
First published: Thu Feb 27 2025(Updated: )
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. However, only systems with ksmbd enabled are vulnerable. The specific flaw exists within the implementation of session setup. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | ||
| Linux Kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of ZDI-CAN-25737?
ZDI-CAN-25737 has a CVSS rating of 9.0, indicating critical severity.
How do I fix ZDI-CAN-25737?
To mitigate ZDI-CAN-25737, disable ksmbd if it's not needed or apply the latest security patches provided by your Linux distribution.
Who is affected by ZDI-CAN-25737?
Only systems with ksmbd enabled are vulnerable to ZDI-CAN-25737.
Can ZDI-CAN-25737 be exploited remotely?
Yes, ZDI-CAN-25737 allows remote attackers to execute arbitrary code on affected systems.
Is authentication needed to exploit ZDI-CAN-25737?
No, authentication is not required to exploit ZDI-CAN-25737.
- collector/zdi-published
- source/ZDI
- alias/ZDI-CAN-25737
- agent/first-publish-date
- agent/title
- agent/last-modified-date
- agent/source
- agent/type
- agent/references
- agent/severity
- agent/softwarecombine
- agent/description
- agent/event
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/zdi-advisory
- alias/ZDI-25-100
- vendor/linux
- canonical/linux kernel