CVE-2026-31717
Linux · Kernel
An authentication bypass in the Linux kernel's ksmbd SMB3 server allows attackers to hijack durable file handles.
Executive summary
An authentication bypass in the Linux kernel's ksmbd module enables attackers to hijack durable file handles, posing a high risk of unauthorized data access.
Vulnerability
This is an authentication bypass in which the ksmbd server does not verify that the security context of a reconnect request matches that of the original file open. An attacker can hijack orphaned durable handles to gain unauthorized access to files.
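The missing owner check, shown as a simplified C model added here for illustration; it is not ksmbd source, and every type and function name in it is hypothetical. It assumes a plain user-name string can stand in for the session's security context.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Simplified model of a durable-handle table; NOT ksmbd source.
 * Every type and function name here is hypothetical. */
enum status { ST_OK, ST_NOT_FOUND, ST_ACCESS_DENIED };
struct durable_open {
    uint64_t persistent_id;   /* id the client presents on reconnect */
    const char *owner;        /* identity that performed the original open */
    bool orphaned;            /* original connection is gone, handle preserved */
};

/* Find an orphaned durable open by id; NULL if none is waiting. */
static struct durable_open *find_orphan(struct durable_open *t, size_t n, uint64_t id)
{
    for (size_t i = 0; i < n; i++)
        if (t[i].persistent_id == id && t[i].orphaned)
            return &t[i];
    return NULL;
}

/* Reconnect handler. With validate_owner == false it models the flaw the
 * advisory describes: the reconnecting session's identity is never compared. */
enum status reconnect(struct durable_open *t, size_t n, uint64_t id,
                      const char *session_user, bool validate_owner)
{
    struct durable_open *op = find_orphan(t, n, id);
    if (!op)
        return ST_NOT_FOUND;
    /* Owner validation: the reconnecting session must be the original opener. */
    if (validate_owner && strcmp(op->owner, session_user) != 0)
        return ST_ACCESS_DENIED;   /* handle stays orphaned for its owner */
    op->orphaned = false;          /* handle is now bound to this session */
    return ST_OK;
}

/* Constructed scenario: "alice" opened handle 0x1001, then disconnected. */
enum status demo(const char *session_user, bool validate_owner)
{
    struct durable_open table[] = { { 0x1001, "alice", true } };
    return reconnect(table, 1, 0x1001, session_user, validate_owner);
}

int main(void)
{
    printf("%d %d %d\n", demo("mallory", false), demo("mallory", true), demo("alice", true));
    return 0;
}
```

With validation enabled, a rejected reconnect leaves the handle orphaned, so the legitimate owner can still reclaim it.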
Business impact
With a CVSS score of 8.8, this is a significant security flaw for file servers. Attackers can gain unauthorized access to sensitive files, which violates the MS-SMB2 protocol specification and can lead to the theft of confidential information.
Remediation
Immediate Action: Apply the kernel patch associated with commit 49110a8ce654 to enforce durable handle owner validation.
Proactive Monitoring: Monitor SMB server logs for unauthorized attempts to reconnect to existing file handles or abnormal session behavior.
Compensating Controls: Disable durable handle support in the ksmbd configuration if it is not required for business operations.
Exploitation status
Public Exploit Available: true
Analyst recommendation
The availability of public exploit code makes this a high-priority remediation. Organizations running ksmbd as an SMB3 server must apply the provided kernel patch immediately to prevent unauthorized file access.