Linux Kernel ksmbd Out-of-Bounds Write Vulnerability in Stream Write Function

Vulnerability

A vulnerability in the Linux kernel's ksmbd component allows for out-of-bounds memory writes. The issue arises in the vfs_stream_write function, where the write offset was not properly validated against the length of the existing stream data. This lack of validation could lead to memory corruption. The vulnerability has been addressed by adding a check to ensure the write offset is within the valid range before proceeding with the operation. If the check fails, an error is returned.
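The check described above, as an added example: a user-space C model written for this page, not the kernel's ksmbd code. The struct, the function names and the extra end-of-write guard are assumptions, and "within the valid range" is taken here to mean an offset strictly below the existing data length.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical user-space model of a stream; not the ksmbd structures. */
struct stream {
    unsigned char *data; /* buffer holding the existing stream data */
    size_t len;          /* bytes of valid stream data */
    size_t cap;          /* allocated size of data, cap >= len */
};

/* Write count bytes at offset pos; return bytes written or -EINVAL. */
long stream_write_checked(struct stream *s, size_t pos,
                          const void *buf, size_t count)
{
    if (s->len > s->cap)
        return -EINVAL;          /* inconsistent descriptor, refuse to use it */
    /* The check the advisory describes: offset vs. existing data length
     * (assumed to mean pos < len). Without it, data + pos can point
     * outside the buffer before any byte is copied. */
    if (pos >= s->len)
        return -EINVAL;
    /* Extra guard (assumption, not from the page): the write must also end
     * inside the allocation. pos < cap here, so cap - pos cannot wrap. */
    if (count > s->cap - pos)
        return -EINVAL;
    memcpy(s->data + pos, buf, count);
    if (pos + count > s->len)
        s->len = pos + count;    /* write extended the valid data */
    return (long)count;
}

/* Constructed sample: 4 bytes of stream data in an 8-byte allocation. */
long try_write(size_t pos, size_t count)
{
    unsigned char backing[8] = "AAAA";
    unsigned char src[8] = "xyxyxyx";
    struct stream s = { backing, 4, sizeof(backing) };
    return stream_write_checked(&s, pos, src, count);
}

int main(void)
{
    printf("offset in range:  %ld\n", try_write(2, 2));
    printf("offset past data: %ld\n", try_write(64, 1));
    printf("oversized count:  %ld\n", try_write(0, (size_t)-1));
    return 0;
}
```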

Impact

Exploitation of this vulnerability could lead to out-of-bounds memory writes, potentially causing memory corruption or allowing for arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.