Linux Kernel Vulnerability Affecting ksmbd by Performance Engineering
CVE-2023-3866

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 August 2025

What is CVE-2023-3866?

A vulnerability exists in the ksmbd component of the Linux kernel that can lead to NULL pointer dereferencing due to inadequate validation of session and tree IDs in compound requests. Specifically, when the first operation in a compound request is an SMB2 ECHO request, ksmbd allows the bypassing of essential validations. This flaw can result in work->sess and work->tcon being NULL. Subsequent requests that attempt to access these NULL pointers may cause critical errors, potentially leading to system instability or data breaches.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 0626e6641f6b467447c81dd7678a69c66f7746cf

Linux 0626e6641f6b467447c81dd7678a69c66f7746cf < 854156d12caa9d36de1cf5f084591c7686cc8a9d

Linux 0626e6641f6b467447c81dd7678a69c66f7746cf

References

https://git.kernel.org/stable/c/eb947403518ea3d93f6d89264...
https://git.kernel.org/stable/c/854156d12caa9d36de1cf5f08...
https://git.kernel.org/stable/c/d1066c1b3663401cd23c0d6e6...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.