Linux Kernel ksmbd Vulnerability in opinfo_get_list() Handling

Vulnerability

A vulnerability in the Linux kernel's ksmbd component was addressed, related to the improper handling of list entries in the opinfo_get_list() function. The original implementation used the list_first_entry() macro, which could return an invalid pointer if the list was empty. The vulnerability has been resolved by replacing it with list_first_entry_or_null(), which correctly checks for an empty list.

Impact

The vulnerability could lead to dereferencing an invalid pointer, potentially causing a kernel crash or other undefined behavior.

Added: Jul 2, 2025, 3:47 PM

Updated: Jul 2, 2025, 3:47 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ksmbd Vulnerability in opinfo_get_list() Handling

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating