German security researcher Stefan Esser has discovered multiple vulnerabilities in smbfs, the mountable SMB (Server Message Block) file system for Linux. In an advisory made public Wednesday, Esser said the bugs theoretically could crash the kernel or leak kernel memory with the help of the SMB server. The alert carries a "moderately critical" rating.
The vulnerabilities have been corrected in Linux 2.4.28. A final patch for the 2.6 kernel is being developed. The flaws were discovered during a code audit done by German security consulting firm e-matters GmbH, where Esser is chief security officer. In the alert, the company said an attacker would need to have control over the answers of the connected SMB server to exploit the flaws.