Skip to main content

Serious Linux kernel security hole uncovered

posted onDecember 23, 2022
by l33tdawg
IT Pro
Credit: IT Pro

Linux has issued an update to address a kernel-level security vulnerability that affected server message block (SMB) servers.

The remote code execution (RCE) flaw allowed unauthenticated users to execute kernel-level code and received the maximum possible severity rating on the common vulnerability reporting system (CVSS). Most businesses and enterprise users are believed to be safe from any potential exploitation given that the vulnerability only affected the lesser-used KSMBD module rather than the more popular Samba suite.

Specifically, the vulnerability lies in the processing of SMB2_TREE_DISCONNECT commands - packet requests sent by the client to request access to a given share on a server. “The issue results from the lack of validating the existence of an object prior to performing operations on the object,” read the public advisory posted by the Zero Day Initiative (ZDI). “An attacker can leverage this vulnerability to execute code in the context of the kernel.”

Source

Tags

Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th