Security researchers have released a full proof-of-concept (PoC) exploit for a high-severity vulnerability in the Linux kernel’s ksmbd module, demonstrating a reliable path to local privilege escalation.

The vulnerability, tracked as CVE-2025-37947, is an out-of-bounds write that can be leveraged by an authenticated local attacker to gain complete root control over a vulnerable system.