Impact
The vulnerability in the Linux kernel stems from the ksmbd service incorrectly handling volume identifiers in FS_OBJECT_ID_INFORMATION. Rather than reliably using the filesystem's UUID, it may fall back to the filesystem's fsid from vfs_statfs(), which can be ambiguous or improperly formatted. This flaw can cause SMB shares to be exposed with incorrect or duplicate identifiers, potentially leading to confusion over which share a client accesses or allowing an attacker to infer information about the underlying filesystem. The flaw is limited to the volume identification logic used by ksmbd and does not appear to provide a direct exploit vector for code execution or privilege escalation.
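An added example, not from the advisory or the kernel source: a Python audit that reads the fsid userspace sees through statvfs(3) for each exported path and flags zero or repeated values, the ambiguous cases described above. The share names and paths are hypothetical, and the page does not state that ksmbd exposes exactly these bytes.

```python
import os
from collections import defaultdict


def read_fsid(path):
    """Return f_fsid for the filesystem holding `path`, as seen via statvfs(3)."""
    return os.statvfs(path).f_fsid


def audit_fsids(fsid_by_share):
    """Given {share_name: fsid}, return (zero_fsid_shares, {fsid: [shares]}).

    A zero fsid identifies nothing; a repeated fsid means several shares would
    carry the same fallback identifier. Shares that sit on one filesystem
    legitimately repeat, so the result is a review list, not a verdict.
    """
    by_fsid = defaultdict(list)
    for share, fsid in fsid_by_share.items():
        by_fsid[fsid].append(share)
    zero = sorted(by_fsid.pop(0, []))
    duplicates = {f: sorted(s) for f, s in by_fsid.items() if len(s) > 1}
    return zero, duplicates


def audit_paths(shares):
    """shares: {share_name: exported_path} (hypothetical names and paths)."""
    fsids, errors = {}, {}
    for name, path in shares.items():
        try:
            fsids[name] = read_fsid(path)
        except OSError as exc:
            # Unreadable or missing export paths are reported, not skipped silently.
            errors[name] = str(exc)
    zero, duplicates = audit_fsids(fsids)
    return {"zero": zero, "duplicates": duplicates, "errors": errors}


if __name__ == "__main__":
    # Constructed sample values, not taken from a real host.
    sample = {
        "projects": 0x1A2B3C4D5E6F7081,
        "archive": 0x1A2B3C4D5E6F7081,
        "scratch": 0,
        "home": 0x99AA,
    }
    print(audit_fsids(sample))
    print(audit_paths({"root": "/"}))
```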
Affected Systems
All Linux systems running a kernel version that does not include the patch identified by the commits in the references are affected. The fix is incorporated in Linux kernel releases after those commits, covering all mainstream Linux distributions that ship the kernel. No specific version string was supplied, so administrators should verify that their installed kernel includes the changes.
Risk and Exploitability
The EPSS score is below 1 % and the vulnerability is not present in the CISA KEV catalog, indicating a low probability of exploitation. No publicly documented exploits exist, and the CVSS score was not provided. Attack feasibility would likely require an adversary who can interact with ksmbd over SMB and manipulate volume identifiers, which typically necessitates local or network-level access to the target system. As a result, the risk is considered moderate at most, with the primary concern being inadvertent exposure or mislabeling of shares rather than direct compromise.