7.1

CVE-2025-21946

ksmbd: fix out-of-bounds in parse_sec_desc()

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix out-of-bounds in parse_sec_desc()

If osidoffset, gsidoffset and dacloffset could be greater than smb_ntsd
struct size. If it is smaller, It could cause slab-out-of-bounds.
And when validating sid, It need to check it included subauth array size.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15 < 6.6.83
LinuxLinux Kernel Version >= 6.7 < 6.12.19
LinuxLinux Kernel Version >= 6.13 < 6.13.7
LinuxLinux Kernel Version6.14 Updaterc1
LinuxLinux Kernel Version6.14 Updaterc2
LinuxLinux Kernel Version6.14 Updaterc3
LinuxLinux Kernel Version6.14 Updaterc4
LinuxLinux Kernel Version6.14 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.092
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/159d059cbcb0e6d0e7a7b34af3862ba09a6b22d1
Patch
https://git.kernel.org/stable/c/6a9831180d0b23b5c97e2bd841aefc8f82900172
Patch
https://git.kernel.org/stable/c/c1569dbbe2d43041be9f3fef7ca08bec3b66ad1b
Patch
https://git.kernel.org/stable/c/d6e13e19063db24f94b690159d0633aaf72a0f03
Patch
https://git.kernel.org/stable/c/f4ee19528664777af8b842f8f001be98345aa973