Use-After-Free Flaw in Linux Kernel's ksmbd Component Affects Multichannel SMB Connections
CVE-2023-32256
7.5HIGH
Key Information:
- Vendor
- CVE Published:
- 1 August 2025
What is CVE-2023-32256?
A vulnerability has been identified in the ksmbd component of the Linux kernel, where a race condition occurs between the SMB2 close operation and logoff actions in multichannel connections. This flaw may create conditions that lead to a use-after-free issue, potentially allowing attackers to execute arbitrary code or cause system disruptions. It is crucial for users and administrators to apply necessary patches and updates to mitigate risks associated with this vulnerability.