[HN Gopher] Linux Kernel Ksmbd Use-After-Free Remote Code Execut...
___________________________________________________________________
Linux Kernel Ksmbd Use-After-Free Remote Code Execution
Vulnerability
Author : choult
Score : 31 points
Date : 2022-12-22 21:15 UTC (1 hour ago)
(HTM) web link (www.zerodayinitiative.com)
(TXT) w3m dump (www.zerodayinitiative.com)
| enasterosophes wrote:
| It's like a bunch of people correctly predicted a few months ago
| that maybe this kind of attack surface shouldn't be added into
| the kernel: https://news.ycombinator.com/item?id=28355754
| rektide wrote:
| [flagged]
| tpush wrote:
| Sincerely, what the hell are you even talking about? You are
| literally commenting on a kernel RCE enabled by putting this
| stuff in the kernel!
| anonymousiam wrote:
| It's obviously a GPT-3 generated comment.
| jacquesm wrote:
| If you're lucky.
| [deleted]
| mappu wrote:
| Samba outperforms ksmbd anyway -
| https://samba.plus/blog/detail/ksmbd-a-new-in-kernel-smb-ser...
|
| The main reason to use ksmbd is if you can't use GPLv3 Samba.
| Most PC SMB servers will still be using Samba instead of ksmbd
| for this reason. Ksmbd is mostly used on NAS boxes.
| anderspitman wrote:
| My main reason for wanting ksmbd is that it's tiny (a few
| hundred k I believe). The smallest Samba build I've seen is
| ~40MB, and not very portable at all. I pretty much had to use
| buildroot to make it work.
|
| My use case is shipping minimal Linux kernels + initramfs that
| can be run with QEMU. I need file sharing and SMB is the most
| universal protocol. I can ship the entire kernel (~5MB) and
| QEMU (~15MB) in less space than Samba. I would love a minimal
| build.
| amarshall wrote:
| > The main reason to use ksmbd is if you can't use GPLv3 Samba
|
| If that's the case, why did they have to put it in the Kernel?
| Couldn't it have just been userland?
| snvzz wrote:
| Yet another vulnerability and exploit that just wouldn't be
| possible on a well-designed system, such as Genode[0] with
| seL4[1].
|
| Monolithic UNIX clones are an anachronism we are well past the
| time to get rid of.
|
| 0. https://genode.org/
|
| 1. https://sel4.systems/
| xuhu wrote:
| Do any shares have to be defined or just the module enabled for
| this to work?
| ZiiS wrote:
| Not my area; but it looks to me like you have to be able to
| mount a share; so it is only unauthenticated if you have public
| shares defined.
| anderspitman wrote:
| See also https://lwn.net/Articles/871866/.
|
| I would love to see this implementation succeed (Samba is too big
| and not portable enough for my use case), but there have
| definitely been challenges.
| hsbauauvhabzb wrote:
| The CSS doesn't correctly overflow text on my phone, meaning half
| the page is not rendered. Which kernel versions are vulnerable to
| this?
___________________________________________________________________
(page generated 2022-12-22 23:00 UTC)