Linux Kernel ksmbd Lock-Range Check Vulnerability Leading to Underflow

Vulnerability

A vulnerability in the Linux kernel's ksmbd component can cause a numerical underflow in its lock-range check. The issue arises when the size parameter equals the current file size (i_size), including the case where both are zero. The lock-range check subtracts one from the size, which underflows when the size is zero. The vulnerability is present in the stable version of the Linux kernel.
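
The arithmetic described above, modeled as an added example; it is not code from the kernel or from this advisory. The unsigned 64-bit offsets, the inclusive range layout, the shrink branch and every name in it are assumptions made for illustration.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model, not kernel code: an inclusive byte range [start, end]. */
struct range { uint64_t start, end; bool checked; };

/* Unsafe pattern: every request that is not a shrink computes size - 1. */
static struct range range_unsafe(uint64_t cur_size, uint64_t size)
{
    if (size < cur_size)                 /* shrink: bytes being removed */
        return (struct range){ size, cur_size - 1, true };
    /* grow, but also size == cur_size: size - 1 wraps when size is 0 */
    return (struct range){ cur_size, size - 1, true };
}

/* Guarded form: equal sizes change no bytes, so no range is checked. */
static struct range range_guarded(uint64_t cur_size, uint64_t size)
{
    if (size == cur_size)
        return (struct range){ 0, 0, false };
    if (size < cur_size)
        return (struct range){ size, cur_size - 1, true };
    return (struct range){ cur_size, size - 1, true };  /* size > cur_size, so size >= 1 */
}

/* True if the checked range overlaps an existing lock [lock_start, lock_end]. */
static bool conflicts(struct range r, uint64_t lock_start, uint64_t lock_end)
{
    return r.checked && r.start <= lock_end && lock_start <= r.end;
}

int main(void)
{
    /* Constructed cases: an empty file and a 4096-byte file, size == cur_size. */
    uint64_t sizes[] = { 0, 4096 };
    for (int i = 0; i < 2; i++) {
        struct range u = range_unsafe(sizes[i], sizes[i]);
        struct range g = range_guarded(sizes[i], sizes[i]);
        printf("size=%" PRIu64 " unsafe=[%" PRIu64 ", %" PRIu64 "] "
               "unsafe_conflict=%d guarded_conflict=%d\n", sizes[i], u.start,
               u.end, conflicts(u, 100, 200), conflicts(g, 100, 200));
    }
    return 0;
}
```

In this model the zero-size case yields a range covering the whole offset space, and the equal nonzero case yields an inverted range whose start is past its end; the guarded form checks no range in either case.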

Impact

Exploitation of this vulnerability could lead to a numerical underflow, potentially causing unintended behavior in the application.

Reproduction

The vulnerability can be reproduced by setting the size parameter to zero or to the current file size. This will trigger the lock range check, causing the size parameter to underflow.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed.

Added: Jan 13, 2026, 6:25 PM
Updated: Jan 13, 2026, 6:25 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 2.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.