Wind River Support Network

HomeDefectsLIN1023-14692
Acknowledged

LIN1023-14692 : Security Advisory - linux - CVE-2025-38728

Created: Sep 4, 2025    Updated: Sep 8, 2025
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]smb3: fix for slab out of bounds on mount to ksmbd[EOL][EOL]With KASAN enabled, it is possible to get a slab out of bounds[EOL]during mount to ksmbd due to missing check in parse_server_interfaces()[EOL](see below):[EOL][EOL] BUG: KASAN: slab-out-of-bounds in[EOL] parse_server_interfaces+0x14ee/0x1880 [cifs][EOL] Read of size 4 at addr ffff8881433dba98 by task mount/9827[EOL][EOL] CPU: 5 UID: 0 PID: 9827 Comm: mount Tainted: G[EOL] OE       6.16.0-rc2-kasan #2 PREEMPT(voluntary)[EOL] Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE[EOL] Hardware name: Dell Inc. Precision Tower 3620/0MWYPT,[EOL] BIOS 2.13.1 06/14/2019[EOL] Call Trace:[EOL]  <TASK>[EOL] dump_stack_lvl+0x9f/0xf0[EOL] print_report+0xd1/0x670[EOL] __virt_addr_valid+0x22c/0x430[EOL] ? parse_server_interfaces+0x14ee/0x1880 [cifs][EOL] ? kasan_complete_mode_report_info+0x2a/0x1f0[EOL] ? parse_server_interfaces+0x14ee/0x1880 [cifs][EOL]   kasan_report+0xd6/0x110[EOL]   parse_server_interfaces+0x14ee/0x1880 [cifs][EOL]   __asan_report_load_n_noabort+0x13/0x20[EOL]   parse_server_interfaces+0x14ee/0x1880 [cifs][EOL] ? __pfx_parse_server_interfaces+0x10/0x10 [cifs][EOL] ? trace_hardirqs_on+0x51/0x60[EOL] SMB3_request_interfaces+0x1ad/0x3f0 [cifs][EOL] ? __pfx_SMB3_request_interfaces+0x10/0x10 [cifs][EOL] ? SMB2_tcon+0x23c/0x15d0 [cifs][EOL] smb3_qfs_tcon+0x173/0x2b0 [cifs][EOL] ? __pfx_smb3_qfs_tcon+0x10/0x10 [cifs][EOL] ? cifs_get_tcon+0x105d/0x2120 [cifs][EOL] ? do_raw_spin_unlock+0x5d/0x200[EOL] ? cifs_get_tcon+0x105d/0x2120 [cifs][EOL] ? __pfx_smb3_qfs_tcon+0x10/0x10 [cifs][EOL] cifs_mount_get_tcon+0x369/0xb90 [cifs][EOL] ? dfs_cache_find+0xe7/0x150 [cifs][EOL] dfs_mount_share+0x985/0x2970 [cifs][EOL] ? check_path.constprop.0+0x28/0x50[EOL] ? save_trace+0x54/0x370[EOL] ? __pfx_dfs_mount_share+0x10/0x10 [cifs][EOL] ? __lock_acquire+0xb82/0x2ba0[EOL] ? __kasan_check_write+0x18/0x20[EOL] cifs_mount+0xbc/0x9e0 [cifs][EOL] ? __pfx_cifs_mount+0x10/0x10 [cifs][EOL] ? do_raw_spin_unlock+0x5d/0x200[EOL] ? cifs_setup_cifs_sb+0x29d/0x810 [cifs][EOL] cifs_smb3_do_mount+0x263/0x1990 [cifs]

CREATE(Triage):(User=admin) [CVE-2025-38728 (https://nvd.nist.gov/vuln/detail/CVE-2025-38728)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube