CVE-2025-39933
smb: client: let recv_done verify data_offset, data_length and remaining_data_length
References
Notes
carnil> Introduced in f198186aa9bb ("CIFS: SMBD: Establish SMB Direct connection").
carnil> Vulnerable versions: 4.16.
Bugs
Status
| Branch | Status |
| --- | --- |
| upstream | released (6.17-rc7) [f57e53ea252363234f86674db475839e5b87102e] |
| 6.18-upstream-stable | N/A "Fixed before branching point" |
| 6.17-upstream-stable | N/A "Fixed before branching point" |
| 6.16-upstream-stable | released (6.16.9) [581fb78e0388b78911b0c920e4073737090c8b5f] |
| 6.12-upstream-stable | needed |
| 6.6-upstream-stable | needed |
| 6.1-upstream-stable | needed |
| 5.10-upstream-stable | needed |
| sid | released (6.16.9-1) |
| 6.12-trixie-security | needed |
| 6.1-bookworm-security | needed |
| 5.10-bullseye-security | needed |