A flaw was found in the Linux kernels ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue.
The product opens an alternate channel to communicate with an authorized user, but the channel is accessible to other actors.