Skip to main content


Trend Micro's ‘Zero Day Initiative’ has discovered several vulnerabilities in Linux Kernel, some of which are considered critical or high severity.  


The most serious of these vulnerabilities (ZDI-22-1690) allows remote attackers to execute arbitrary code on affected installations of Linux Kernel without requiring authentication.

This vulnerability only affects systems with ksmbd enabled.

Another serious vulnerability (ZDI-22-1691) affects the handling of SMB2_WRITE commands, rated 9.6 in severity. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Linux Kernel, but requires authentication to exploit.

A third vulnerability (ZDI-22-1688) is rated 8.5 in severity. It affects the handling of file attributes and results from the lack of proper validation of the length of user-supplied data before copying it to a heap-based buffer. An attacker can exploit this vulnerability to execute code in the context of the kernel.

The other two vulnerabilities (ZDI-22-1689 and ZDI-22-1687), which are ranked at 6.5 and 5.3 in severity, also affect the handling of file attributes and user-supplied data.

Recommended Action

Updates and workarounds to fix these vulnerabilities are available and these can be accessed on the webpages for each vulnerability as stated above. 

If you have any concerns, or have been affected by a cyber-related issue, report it to us by submitting a Cyber Concerns Online Reporting Form.


  • Advisory
  • Vulnerability
  • Exploit
  • Patches and Updates