A zero-day use-after-free vulnerability (CVE-2025-37899) was discovered in the Linux kernel’s SMB (Server Message Block) implementation, specifically within the `ksmbd` module’s logoff command handler. The flaw arises due to improper synchronization between concurrent SMB session threads, where one thread frees the `sess->user` object while another continues accessing it, leading to memory corruption, system crashes, or potential privilege escalation.The vulnerability was uncovered using OpenAI’s o3 AI model, which analyzed the kernel code and identified unsafe memory access scenarios under concurrent execution. While no active exploitation has been reported, the flaw poses a critical risk to systems relying on SMB3 protocol implementations, including enterprise servers, NAS devices, and embedded Linux systems. A successful exploit could allow attackers to execute arbitrary code in kernel mode, compromising system integrity, confidentiality, and availability.The discovery also highlighted the effectiveness and limitations of AI-driven vulnerability research, with o3 demonstrating superior detection capabilities compared to other models but still producing a high false-positive rate. Patches are expected to be released in upcoming kernel updates, but unpatched systems remain exposed to remote code execution (RCE) attacks via malicious SMB connections.