5 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ksmbd: transportipc: Validate the payload size before reading the handle. The handleresponse function dereferences the payload as a 4-byte handle without verifying that the declared payload size is at least 4 bytes. A malformed o...
EUVD-2025-36664
In the Linux kernel, the following vulnerability has been resolved: ksmbd: transportipc: validate payload size before reading handle handleresponse dereferences the payload as a 4-byte handle without verifying that the declared payload size is at least 4 bytes. A malformed or truncated message fr...
AZL-69024 CVE-2025-40084 affecting package kernel for versions less than 6.6.117.1-1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: transportipc: validate payload size before reading handle handleresponse dereferences the payload as a 4-byte handle without verifying that the declared payload size is at least 4 bytes. A malformed or truncated message fr...
UBUNTU-CVE-2025-40084
In the Linux kernel, the following vulnerability has been resolved: ksmbd: transportipc: validate payload size before reading handle handleresponse dereferences the payload as a 4-byte handle without verifying that the declared payload size is at least 4 bytes. A malformed or truncated message fr...
CVE-2025-40084
CVE-2025-40084 affects the Linux kernel’s ksmbd transport_ipc path. The flaw arises when handle_response() reads a 4-byte handle from the payload without verifying that the declared payload size is at least 4 bytes, allowing a malformed or truncated ksmbd.mountd message to cause a read past the p...