Sequretek Advisory - Linux Kernel ksmbd User-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable.

• A vulnerability was discovered in the Linux kernel in July 2022 that allows remote code execution using KSMBD. A remote code execution vulnerability, classified as a Use-After-Free vulnerability, allows an attacker to execute arbitrary code.

• KSMBD is a Linux kernel component responsible for handling SMB (Server Message Block) protocol requests. The SMB protocol is a network protocol used to share files and print between devices connected to a network.

• There is a specific flaw in the processing of SMB2_TREE_DISCONNECT commands. The problem is caused by the lack of validation of an object's existence before performing operations on it. By exploiting this vulnerability, an attacker can execute code in the kernel context.

Sign Up Here for Download