Namjae Jeon

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.6.43 **Description** The issue is related to the ksmbd component in the Linux kernel, where the `may open()` function does not allow a directory to be opened with write access. However, some writing flags set by the client result in adding write access on the server, making ksmbd incompatible with the FUSE file system. The problem is resolved by discarding the write access when opening a directory. A list add corruption issue is also mentioned, with a kernel bug at `lib/list debug.c:26`. The call trace includes functions such as ` list add valid()`, `fuse finish open()`, and `smb2 open()`. **Recommendations** Update to Linux kernel version 6.6.43 or later to resolve the issue. As a temporary workaround, consider disabling the `ksmbd` component until a patch is available. Restrict access to the vulnerable `fuse` module to minimize the risk of exploitation. Avoid using the `smb2 open()` function in the affected API endpoint until the issue is resolved.