7.1

CVE-2025-39943

ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer

If data_offset and data_length of smb_direct_data_transfer struct are
invalid, out of bounds issue could happen.
This patch validate data_offset and data_length field in recv_done.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15.1 < 5.15.194
LinuxLinux Kernel Version >= 5.16 < 6.1.154
LinuxLinux Kernel Version >= 6.2 < 6.6.108
LinuxLinux Kernel Version >= 6.7 < 6.12.49
LinuxLinux Kernel Version >= 6.13 < 6.16.9
LinuxLinux Kernel Version5.15 Update-
LinuxLinux Kernel Version5.15 Updaterc7
LinuxLinux Kernel Version6.17 Updaterc1
LinuxLinux Kernel Version6.17 Updaterc2
LinuxLinux Kernel Version6.17 Updaterc3
LinuxLinux Kernel Version6.17 Updaterc4
LinuxLinux Kernel Version6.17 Updaterc5
LinuxLinux Kernel Version6.17 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.038
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/773fddf976d282ef059c36c575ddb81567acd6bc
Patch
https://git.kernel.org/stable/c/bdaab5c6538e250a9654127e688ecbbeb6f771d5
Patch
https://git.kernel.org/stable/c/eb0378dde086363046ed3d7db7f126fc3f76fd70
Patch
https://git.kernel.org/stable/c/8be498fcbd5b07272f560b45981d4b9e5a2ad885
Patch
https://git.kernel.org/stable/c/529b121b00a6ee3c88fb3c01b443b2b81f686d48
Patch
https://git.kernel.org/stable/c/5282491fc49d5614ac6ddcd012e5743eecb6a67c
Patch