Executive Summary

Informations
Name CVE-2025-37947 First vendor Publication 2025-05-20
Vendor Cve Last vendor Modification 2025-05-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: prevent out-of-bounds stream writes by validating *pos

ksmbd_vfs_stream_write() did not validate whether the write offset (*pos) was within the bounds of the existing stream data length (v_len). If *pos was greater than or equal to v_len, this could lead to an out-of-bounds memory write.

This patch adds a check to ensure *pos is less than v_len before proceeding. If the condition fails, -EINVAL is returned.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-37947

Sources (Detail)

https://git.kernel.org/stable/c/04c8a38c60346bb5a7c49b276de7233f703ce9cb
https://git.kernel.org/stable/c/0ca6df4f40cf4c32487944aaf48319cb6c25accc
https://git.kernel.org/stable/c/7f61da79df86fd140c7768e668ad846bfa7ec8e1
https://git.kernel.org/stable/c/d62ba16563a86aae052f96d270b3b6f78fca154c
https://git.kernel.org/stable/c/e6356499fd216ed6343ae0363f4c9303f02c5034
Source Url

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2025-05-26 21:20:40
  • First insertion