Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix integer overflows on 32 bit systems On 32bit systems the addition operations in ipc_msg_alloc() can potentially overflow leading to memory corruption. Add bounds checking using KSMBD_IPC_MAX_PAYLOAD to avoid overflow.

INFO

Published Date :

2025-02-27T02:12:19.705Z

Last Modified :

2025-11-03T19:36:51.420Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-21748 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-21748.

URL Resource
https://git.kernel.org/stable/c/760568c1f62ea874e8fb492f9cfa4f47b4b8391e cve-icon cve-icon
https://git.kernel.org/stable/c/82f59d64e6297f270311b16b5dcf65be406d1ea3 cve-icon cve-icon
https://git.kernel.org/stable/c/aab98e2dbd648510f8f51b83fbf4721206ccae45 cve-icon cve-icon
https://git.kernel.org/stable/c/b4b902737746c490258de5cb55cab39e79927a67 cve-icon cve-icon
https://git.kernel.org/stable/c/ecb9947fa7c99a77b04d43404c6988a0d326e4a0 cve-icon cve-icon
https://git.kernel.org/stable/c/f3b9fb2764591d792d160f375851013665a9e820 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html cve-icon
https://lore.kernel.org/linux-cve-announce/2025022601-CVE-2025-21748-c980@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-21748 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-21748 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact