| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025040136-CVE-2025-21945-d791@gregkh> Date: Tue, 1 Apr 2025 16:40:09 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2025-21945: ksmbd: fix use-after-free in smb2_lock Description =========== In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb2_lock If smb_lock->zero_len has value, ->llist of smb_lock is not delete and flock is old one. It will cause use-after-free on error handling routine. The Linux kernel CVE team has assigned CVE-2025-21945 to this issue. Affected and fixed versions =========================== Fixed in 6.1.131 with commit 410ce35a2ed6d0e114132bba29af49b69880c8c7 Fixed in 6.6.83 with commit 8573571060ca466cbef2c6f03306b2cc7b883506 Fixed in 6.12.19 with commit a0609097fd10d618aed4864038393dd75131289e Fixed in 6.13.7 with commit 636e021646cf9b52ddfea7c809b018e91f2188cb Fixed in 6.14 with commit 84d2d1641b71dec326e8736a749b7ee76a9599fc Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-21945 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/smb/server/smb2pdu.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/410ce35a2ed6d0e114132bba29af49b69880c8c7 https://git.kernel.org/stable/c/8573571060ca466cbef2c6f03306b2cc7b883506 https://git.kernel.org/stable/c/a0609097fd10d618aed4864038393dd75131289e https://git.kernel.org/stable/c/636e021646cf9b52ddfea7c809b018e91f2188cb https://git.kernel.org/stable/c/84d2d1641b71dec326e8736a749b7ee76a9599fc
Powered by blists - more mailing lists