Linux Kernel SMB Client Null Pointer Dereference Vulnerability

Vulnerability

A null pointer dereference vulnerability has been identified in the Linux kernel's SMB client. This issue arises in the 'receive_encrypted_standard()' function, where the absence of proper checks for the 'next_buffer' and the return values of 'cifs_buf_get()' and 'cifs_small_buf_get()' can lead to a null pointer dereference.

Impact

Exploitation of this vulnerability causes a null pointer dereference, which can lead to a denial of service by causing a system crash or instability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SMB Client Null Pointer Dereference Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating