CyberSecurityBoard
Sponsor Register Login

Linux Kernel KSMBD Vulnerability Exploited in the Wild

A critical vulnerability in the Linux kernel's KSMBD component has been actively exploited by threat actors, raising significant security concerns for systems running vulnerable versions. The flaw, identified as CVE-2023-38831, allows attackers to execute arbitrary code with kernel privileges, potentially leading to full system compromise. This vulnerability affects the kernel's SMB server implementation, which is used for file sharing and network communication. Security researchers have observed exploitation attempts targeting unpatched Linux servers, emphasizing the urgency for administrators to apply the latest patches and updates. The exploitation of this vulnerability underscores the increasing focus on kernel-level attacks by sophisticated adversaries, highlighting the need for robust monitoring and incident response strategies. Organizations relying on Linux infrastructure should prioritize vulnerability management and ensure comprehensive security controls are in place to mitigate risks associated with such critical flaws. This article delves into the technical details of the KSMBD vulnerability, its exploitation methods, and recommended mitigation steps to protect Linux environments from emerging threats.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 09 Oct 2025 08:10:21 +0000


Cyber News related to Linux Kernel KSMBD Vulnerability Exploited in the Wild

CVE-2024-46795 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused ...
1 year ago Tenable.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
1 year ago Cisa.gov
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
1 year ago Cisa.gov
CVE-2024-36886 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago
CVE-2024-26957 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago
0-Click Linux Kernel KSMBD RCE Exploit - A critical zero-click remote code execution (RCE) vulnerability has been discovered in the Linux kernel's KSMBD component, which handles SMB3 protocol operations. This flaw allows attackers to execute arbitrary code on vulnerable systems without any ...
2 months ago Cybersecuritynews.com CVE-2023-38408
CVE-2024-57895 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: set ATTR_CTIME flags when setting mtime David reported that the new warning from setattr_copy_mgtime is coming like the following. [ 113.215316] ------------[ cut here ...
10 months ago Tenable.com
CVE-2024-26688 - In the Linux kernel, the following vulnerability has been resolved: fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super When configuring a hugetlb filesystem via the fsconfig() syscall, there is a possible NULL dereference in ...
1 year ago Tenable.com
CVE-2022-49123 - In the Linux kernel, the following vulnerability has been resolved: ...
9 months ago
CVE-2023-53329 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago
CVE-2024-26811 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate payload size in ipc response If installing malicious ksmbd-tools, ksmbd.mountd can return invalid ipc response to ksmbd kernel server. ksmbd should validate payload ...
1 year ago Tenable.com
Check Point released hotfix for actively exploited VPN zero-day - MUST READ. Check Point released hotfix for actively exploited VPN zero-day. Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Apple ...
1 year ago Securityaffairs.com CVE-2024-23222 CVE-2023-22515 CVE-2023-40044 CVE-2023-20109
CVE-2024-44989 - In the Linux kernel, the following vulnerability has been resolved: ...
11 months ago
New MOVEit Transfer critical bug is actively exploited - MUST READ. New MOVEit Transfer critical bug is actively exploited. CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. PoC ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 CVE-2023-40044 CVE-2023-20109 Rocke
CVE-2022-48664 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
1 year ago Securityaffairs.com
Linux Kernel KSMBD Vulnerability Exploited in the Wild - A critical vulnerability in the Linux kernel's KSMBD component has been actively exploited by threat actors, raising significant security concerns for systems running vulnerable versions. The flaw, identified as CVE-2023-38831, allows attackers to ...
1 month ago Cybersecuritynews.com CVE-2023-38831
CVE-2022-49248 - In the Linux kernel, the following vulnerability has been resolved: ...
9 months ago
CVE-2022-50315 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago
CVE-2024-56658 - In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dst_destroy [1] Issue is in xfrm6_net_init() and xfrm4_net_init() : They copy ...
11 months ago Tenable.com
CVE-2022-48923 - In the Linux kernel, the following vulnerability has been resolved: ...
11 months ago
CVE-2022-49156 - In the Linux kernel, the following vulnerability has been resolved: ...
9 months ago
CVE-2025-39809 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago
CVE-2023-4130 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago
CVE-2024-50106 - In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and free_stateid There is a race between laundromat handling of revoked delegations and a client sending free_stateid operation. Laundromat thread ...
1 year ago Tenable.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)