Linux Kernel Vulnerability in ksmbd Affects File System Information Retrieval
CVE-2023-53399

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 September 2025

What is CVE-2023-53399?

A vulnerability in the Linux Kernel's ksmbd component has been identified, which involves a NULL pointer dereference during file system information retrieval in the smb2_get_info_filesystem function. Specifically, if the share's path is NULL, it triggers a dereference issue, potentially leading to system instability or crashes. This flaw necessitates that users upgrade their systems to avoid any exploitation risks.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 227eb2689b44d0d60da3839b146983e73435924c

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/227eb2689b44d0d60da3839b1...

https://git.kernel.org/stable/c/a70751dd7b60eab025e97e19b...

https://git.kernel.org/stable/c/b35f6c031b87d9e51f141ff6d...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 18, 2025
Vulnerability Reserved
Sep 17, 2025