CVE-2025-21660 (GCVE-0-2025-21660)
Vulnerability from cvelistv5
Published: 2025-01-21 12:18
Modified: 2025-05-04 13:06
Summary
In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked

When `ksmbd_vfs_kern_path_locked` met an error and it is not the last entry, it will exit without restoring changed path buffer. But later this buffer may be used as the filename for creation.
Impacted products
Vendor: Linux
Product: Linux
Versions:
  • d1b2d2a9c912fc7b788985fbaf944e80f4b3f2af
  • 6ab95e27b77730de3fa2d601db3764490c5eede2
  • c5a709f08d40b1a082e44ffcde1aea4d2822ddd5
  • c5a709f08d40b1a082e44ffcde1aea4d2822ddd5
  • d205cb1a13b37b2660df70a972dedc8c4ba1c2e8
  • c1e27b70e79050530c671b9dab688386c86f039a


{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/server/vfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "13e41c58c74baa71f34c0830eaa3c29d53a6e964",
              "status": "affected",
              "version": "d1b2d2a9c912fc7b788985fbaf944e80f4b3f2af",
              "versionType": "git"
            },
            {
              "lessThan": "65b31b9d992c0fb0685c51a0cf09993832734fc4",
              "status": "affected",
              "version": "6ab95e27b77730de3fa2d601db3764490c5eede2",
              "versionType": "git"
            },
            {
              "lessThan": "51669f4af5f7959565b48e55691ba92fabf5c587",
              "status": "affected",
              "version": "c5a709f08d40b1a082e44ffcde1aea4d2822ddd5",
              "versionType": "git"
            },
            {
              "lessThan": "2ac538e40278a2c0c051cca81bcaafc547d61372",
              "status": "affected",
              "version": "c5a709f08d40b1a082e44ffcde1aea4d2822ddd5",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "d205cb1a13b37b2660df70a972dedc8c4ba1c2e8",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "c1e27b70e79050530c671b9dab688386c86f039a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/server/vfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.12"
            },
            {
              "lessThan": "6.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.72",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.125",
                  "versionStartIncluding": "6.1.113",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.72",
                  "versionStartIncluding": "6.6.54",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.10",
                  "versionStartIncluding": "6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13",
                  "versionStartIncluding": "6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "6.10.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "6.11.2",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked\n\nWhen `ksmbd_vfs_kern_path_locked` met an error and it is not the last\nentry, it will exit without restoring changed path buffer. But later this\nbuffer may be used as the filename for creation."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T13:06:12.428Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/13e41c58c74baa71f34c0830eaa3c29d53a6e964"
        },
        {
          "url": "https://git.kernel.org/stable/c/65b31b9d992c0fb0685c51a0cf09993832734fc4"
        },
        {
          "url": "https://git.kernel.org/stable/c/51669f4af5f7959565b48e55691ba92fabf5c587"
        },
        {
          "url": "https://git.kernel.org/stable/c/2ac538e40278a2c0c051cca81bcaafc547d61372"
        }
      ],
      "title": "ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-21660",
    "datePublished": "2025-01-21T12:18:16.062Z",
    "dateReserved": "2024-12-29T08:45:45.732Z",
    "dateUpdated": "2025-05-04T13:06:12.428Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-21660\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-01-21T13:15:09.643\",\"lastModified\":\"2025-01-21T13:15:09.643\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked\\n\\nWhen `ksmbd_vfs_kern_path_locked` met an error and it is not the last\\nentry, it will exit without restoring changed path buffer. But later this\\nbuffer may be used as the filename for creation.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ksmbd: se corrige la ruta inesperadamente cambiada en ksmbd_vfs_kern_path_locked Cuando `ksmbd_vfs_kern_path_locked` encuentra un error y no es la \u00faltima entrada, saldr\u00e1 sin restaurar el b\u00fafer de ruta cambiada. Pero m\u00e1s adelante, este b\u00fafer se puede usar como nombre de archivo para la creaci\u00f3n.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/13e41c58c74baa71f34c0830eaa3c29d53a6e964\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/2ac538e40278a2c0c051cca81bcaafc547d61372\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/51669f4af5f7959565b48e55691ba92fabf5c587\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/65b31b9d992c0fb0685c51a0cf09993832734fc4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}

