ksmbd: call rcu_barrier() in ksmbd_server_exit()
3Vexday Risk Score
No sign of exploitation. No public exploitation artifact known so far.
ssvc Trackepss 0.2%
exploitation probability
0.2%top 94% of all CVEs
observed exploitation
nono source reports it
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: call rcu_barrier() in ksmbd_server_exit()
racy issue is triggered the bug by racing between closing a connection
and rmmod. In ksmbd, rcu_barrier() is not called at module unload time,
so nothing prevents ksmbd from getting unloaded while it still has RCU
callbacks pending. It leads to trigger unintended execution of kernel
code locally and use to defeat protections such as Kernel Lockdown
Affected products
Linux · LinuxReferences
https://git.kernel.org/stable/c/5a7090ccc242ab009ee7769e9d7fad6644dbe9bdhttps://git.kernel.org/stable/c/b80422474ffe44cb5e813cd6da1f1c6bc50fd9d2https://git.kernel.org/stable/c/c053e389db0d892e2ff5a60ec5e533b976503795https://git.kernel.org/stable/c/d4174505016a3b2996eb7ff1530dcabbf15d47b6https://git.kernel.org/stable/c/eb307d09fe15844fdaebeb8cc8c9b9e925430aa5