Linux Kernel ksmbd SMBDirect Max Fragmented Receive Size Vulnerability

Vulnerability

A vulnerability in the Linux kernel's ksmbd component has been fixed. The SMBDirect feature did not properly verify that the remaining data length stayed within the maximum fragmented receive size, which could lead to improper buffer handling in data transfers.

Impact

The vulnerability could cause buffer validation issues in SMBDirect data transfers, potentially leading to memory corruption or other unintended behavior.

Reproduction

The vulnerability could be reproduced by sending SMBDirect messages that include a remaining data length exceeding the maximum fragmented receive size. This could be done by manipulating the data transfer packets to bypass the intended buffer validation.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed.
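
The kind of length check whose absence this advisory describes is sketched below as an added example; it is not the kernel's ksmbd code. The field offsets follow the SMBDirect data transfer message layout in MS-SMBD, while the function names, the 64-byte sample message and the limit passed in are assumptions made for illustration. It goes slightly beyond the advisory by also checking that the payload lies inside the received message.

```c
#include <stddef.h>
#include <stdint.h>

/* SMBDirect data transfer message (MS-SMBD): 20-byte fixed header with
 * little-endian RemainingDataLength @8, DataOffset @12, DataLength @16. */
#define SMBD_HDR_LEN 20u

enum smbd_verdict { SMBD_OK, SMBD_SHORT, SMBD_BAD_PAYLOAD, SMBD_TOO_LARGE };

static uint32_t get_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

static void put_le32(uint8_t *p, uint32_t v)
{
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* Validate one received message against the negotiated limit (max_frag). */
enum smbd_verdict smbd_check_lengths(const uint8_t *msg, size_t msg_len,
                                     uint32_t max_frag)
{
    if (msg_len < SMBD_HDR_LEN)
        return SMBD_SHORT;
    uint32_t remaining = get_le32(msg + 8);
    uint32_t data_off  = get_le32(msg + 12);
    uint32_t data_len  = get_le32(msg + 16);
    /* The payload must lie inside the bytes actually received. */
    if (data_len != 0 && (data_off < SMBD_HDR_LEN || data_off > msg_len ||
                          data_len > msg_len - data_off))
        return SMBD_BAD_PAYLOAD;
    /* This fragment plus everything the peer says is still to come must fit
     * the limit; widen to 64 bits so a huge "remaining" cannot wrap. */
    if ((uint64_t)remaining + data_len > max_frag)
        return SMBD_TOO_LARGE;
    return SMBD_OK;
}

/* Constructed sample: a 64-byte message carrying the given length fields. */
enum smbd_verdict smbd_demo(uint32_t remaining, uint32_t data_off,
                            uint32_t data_len, uint32_t max_frag)
{
    uint8_t msg[64] = {0};
    put_le32(msg + 8, remaining);
    put_le32(msg + 12, data_off);
    put_le32(msg + 16, data_len);
    return smbd_check_lengths(msg, sizeof(msg), max_frag);
}
```

A 32-bit sum of the two length fields can wrap around and pass a naive comparison, which is why the addition is done in 64 bits.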

Added: Oct 4, 2025, 8:33 AM
Updated: Oct 4, 2025, 8:33 AM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 0.6
exploitability: 5.7
remediation: 7.7
relevance: 0.7
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.