Linux Kernel ksmbd Missing Return Value Check Vulnerability

Vulnerability

A vulnerability in the Linux kernel's ksmbd component was introduced by a missing return value check in the smb2_send_interim_resp() function. If the ksmbd_alloc_work_struct() function fails to allocate a node, it returns a NULL pointer to the in_work pointer. This oversight can lead to an illegal memory write of in_work->response_buf when allocate_interim_rsp_buf() tries to perform a memory allocation on it. The vulnerability has been addressed by adding a check for the return value of ksmbd_alloc_work_struct(), ensuring that the function exits immediately upon allocation failure, thus preventing the illegal memory access.

Impact

Exploitation of this vulnerability could lead to illegal memory writes, potentially causing memory corruption or allowing for arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ksmbd Missing Return Value Check Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating