Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix a missing return value check bug In the smb2_send_interim_resp(), if ksmbd_alloc_work_struct() fails to allocate a node, it returns a NULL pointer to the in_work pointer. This can lead to an illegal memory write of in_work->response_buf when allocate_interim_rsp_buf() attempts to perform a kzalloc() on it. To address this issue, incorporating a check for the return value of ksmbd_alloc_work_struct() ensures that the function returns immediately upon allocation failure, thereby preventing the aforementioned illegal memory access.

INFO

Published Date :

2025-01-19T11:52:43.244Z

Last Modified :

2025-11-03T20:55:55.097Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-57925 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-57925.

URL Resource
https://git.kernel.org/stable/c/271ae0edbfc942795c162e6cf20d2bc02bd7fde4 cve-icon cve-icon
https://git.kernel.org/stable/c/2976e91a3e569cf2c92c9f71512c0ab1312fe965 cve-icon cve-icon
https://git.kernel.org/stable/c/4c16e1cadcbcaf3c82d5fc310fbd34d0f5d0db7c cve-icon cve-icon
https://git.kernel.org/stable/c/781c743e18bfd9b7dc0383f036ae952bd1486f21 cve-icon cve-icon
https://git.kernel.org/stable/c/ee7e40f7fb17f08a8cbae50553e5c2e10ae32fce cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2024-57925-b738@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-57925 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-57925 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact