We have bad news for all Linux system administrators on vacation or planning to vacation: There is a critical Linux kernel security bug. The Zero Day Initiative (ZDI), a zero-day security research organization, revealed a new Linux kernel security problem.
This vulnerability allows authenticated remote users to access sensitive information and execute code on affected Linux kernel versions.
How severe is it, really? The ZDI originally gave it a perfect 10 on the 0–10 Common Vulnerability Scoring System (CVSS) scale. The flaw now stands at 9.6. That is still a “Patch it now!” kind of problem on every Linux server.
Where’s the problem?
The problem is in the Linux 5.15 in-kernel Server Message Block (SMB) server, ksmbd. The issue is found in the processing of SMB2_TREE_DISCONNECT commands. The problem stems from the failure to validate the existence of an object before executing actions on it. An attacker can exploit this flaw to execute code in the kernel context.
Samsung created this new application, which was included in the kernel in 2021. Its goal was to provide fast SMB3 file-serving performance (SMB is a vital file server protocol used in Windows and Linux via Samba).
Ksmbd is not meant to replace Samba but rather to supplement it. Samba and ksmbd developers are collaborating to make the programs operate together.
Patching immediately is advised
That said, Jeremy Allison, Samba’s co-creator, writes, “ksmbd shares no code with production Samba. It’s completely from scratch. So, this current situation has nothing to do with the Samba file server you may be running on your systems.”
Any distribution that uses the Linux kernel 5.15 or above is vulnerable. This contains Ubuntu 22.04 and its progeny, as well as Deepin Linux 20.3. Ubuntu is the most concerning for server requirements.
The 5.15 kernel is not used by other enterprise distributions, such as the Red Hat Enterprise Linux (RHEL) family. If you need more clarification, check to ascertain and patch where necessary. In the meantime, you’re better off using Samba.
Tip: Linus Torvalds announces 8th release candidate of Linux 6.1