Linux KSMBD Subsystem Vulnerability Can Exhaust Server Resources
Recently, a denial-of-service vulnerability was discovered in the KSMBD (SMB Direct) subsystem of the Linux kernel, attracting widespread attention in the open-source community. This vulnerability, identified as CVE-2025-38501, allows remote and unauthenticated attackers to exploit the kernel’s handling of half-open TCP sessions to exhaust all available SMB connections. The key aspect of this vulnerability is … Read more