| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025041600-CVE-2025-22043-a8b9@gregkh> Date: Wed, 16 Apr 2025 16:12:14 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2025-22043: ksmbd: add bounds check for durable handle context Description =========== In the Linux kernel, the following vulnerability has been resolved: ksmbd: add bounds check for durable handle context Add missing bounds check for durable handle context. The Linux kernel CVE team has assigned CVE-2025-22043 to this issue. Affected and fixed versions =========================== Fixed in 6.6.87 with commit 8d4848c45943c9cf5e86142fd7347efa97f497db Fixed in 6.12.23 with commit 29b946714d6aa77de54c71243bba39469ac43ef2 Fixed in 6.13.11 with commit 1107b9ed92194603593c51829a3887812ae9e806 Fixed in 6.14.2 with commit f0db3d9d416e332a0d6f045a1509539d3a4cd898 Fixed in 6.15-rc1 with commit 542027e123fc0bfd61dd59e21ae0ee4ef2101b29 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-22043 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/smb/server/smb2pdu.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/8d4848c45943c9cf5e86142fd7347efa97f497db https://git.kernel.org/stable/c/29b946714d6aa77de54c71243bba39469ac43ef2 https://git.kernel.org/stable/c/1107b9ed92194603593c51829a3887812ae9e806 https://git.kernel.org/stable/c/f0db3d9d416e332a0d6f045a1509539d3a4cd898 https://git.kernel.org/stable/c/542027e123fc0bfd61dd59e21ae0ee4ef2101b29
Powered by blists - more mailing lists