Linux Kernel Security Bug Allows Remote Code Execution for Authenticated Remote Users

The Zero Day Initiative, a zero-day security research firm, announced a new Linux kernel security bug that allows authenticated remote users to disclose sensitive information and run code on vulnerable Linux kernel versions. ZDNet reports:

Originally, the Zero Day Initiative ZDI rated it a perfect 10 on the 0 to 10 common Vulnerability Scoring System scale. Now, the hole's 'only' a 9.6....

The problem lies in the Linux 5.15 in-kernel Server Message Block (SMB) server, ksmbd. The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the kernel context. This new program, which was introduced to the kernel in 2021, was developed by Samsung. Its point was to deliver speedy SMB3 file-serving performance....

Any distro using the Linux kernel 5.15 or above is potentially vulnerable. This includes Ubuntu 22.04, and its descendants; Deepin Linux 20.3; and Slackware 15.

Read more of this story at Slashdot.