CVE-2025-37802
📋 TL;DR
This CVE describes a kernel warning in the Linux kernel's ksmbd (SMB server) module where a mutex lock is incorrectly acquired while the task is in a sleeping state. This affects systems running vulnerable Linux kernel versions with ksmbd enabled, potentially causing kernel warnings and system instability. The vulnerability does not allow privilege escalation or remote code execution.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic or system crash leading to denial of service, though this is unlikely as it's a warning condition rather than a security flaw.
Likely Case
Kernel warning messages in system logs and potential minor performance impact during SMB operations.
If Mitigated
No security impact if patched; only logging noise if unpatched.
🎯 Exploit Status
This is not a security vulnerability that can be exploited for privilege escalation or code execution; it's a kernel warning condition.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing the fix commits: 1df0d4c616138784e033ad337961b6e1a6bcd999, 8f805b3746d2f41702c77cba22f94f8415fadd1a, cd161198e091e8a62b9bd631be970ea9a87d2d6a
Vendor Advisory: https://git.kernel.org/stable/c/1df0d4c616138784e033ad337961b6e1a6bcd999
Restart Required: Yes
Instructions:
1. Update to a patched kernel version from your distribution. 2. Reboot the system. 3. Verify the fix by checking kernel logs for absence of the warning.
🔧 Temporary Workarounds
Disable ksmbd module
linuxIf ksmbd is not required, disable it to prevent the warning condition.
sudo modprobe -r ksmbd
echo 'blacklist ksmbd' | sudo tee /etc/modprobe.d/ksmbd-blacklist.conf
🧯 If You Can't Patch
- Monitor system logs for kernel warnings and ensure system stability
- Consider disabling ksmbd if SMB server functionality is not required
🔍 How to Verify
Check if Vulnerable:
Check kernel logs for warning messages containing 'do not call blocking ops when !TASK_RUNNING' and 'ksmbd_durable_scavenger_alive'Check Version:
uname -rVerify Fix Applied:
After patching, verify that the warning messages no longer appear in kernel logs during SMB operations📡 Detection & Monitoring
Log Indicators:
- Kernel warning: 'do not call blocking ops when !TASK_RUNNING'
- References to ksmbd_durable_scavenger_alive in kernel logs
Network Indicators:
- None - this is not network exploitable
SIEM Query:
source="kernel" AND "do not call blocking ops when !TASK_RUNNING" AND "ksmbd"