PoC Released for Linux Kernel ksmbd Filesystem Vulnerability

Post by Shane1145 »

Security researcher Norbert Szetei published the final installment of his deep-dive into the ksmbd filesystem module, culminating in a working proof-of-concept exploit targeting CVE-2025-37947.

Unlike earlier use-after-free candidates that required complex race conditions or depended on external factors, this vulnerability offers a deterministic out-of-bounds (OOB) write primitive.

Szetei’s PoC was tested on Ubuntu 22.04.5 LTS running kernel 5.15.0-153-generic, demonstrating a reliable path to local root by carefully overflowing a zero-initialized buffer allocated via kvmalloc().

https://gbhackers.com/poc-released-for- ... erability/