CVE-2025-40084

Oct. 29, 2025, 2:15 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: transport_ipc: validate payload size before reading handle handle_response() dereferences the payload as a 4-byte handle without verifying that the declared payload size is at least 4 bytes. A malformed or truncated message from ksmbd.mountd can lead to a 4-byte read past the declared payload size. Validate the size before dereferencing. This is a minimal fix to guard the initial handle read.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • Ksmbd
  • *
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o linux linux_kernel / / / / / / / /
a linux ksmbd / / / / / / / /

References

https://git.kernel.org/stable/c/2dc125f5da134c0915a840b62565c60a595673dd
https://git.kernel.org/stable/c/867ffd9d67285612da3f0498ca618297f8e41f01
https://git.kernel.org/stable/c/898d527ed94c19980a4d848f10057f1fed578ffb
https://git.kernel.org/stable/c/a02e432d5130da4c723aabe1205bac805889fdb2

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-10-29
CVE-2025-40084

Timeline

Published: Oct. 29, 2025, 2:15 p.m.
Last Modified: Oct. 29, 2025, 2:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.