Acknowledged
Created: Oct 29, 2025
Updated: Nov 4, 2025
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:[EOL][EOL]ksmbd: transport_ipc: validate payload size before reading handle[EOL][EOL]handle_response() dereferences the payload as a 4-byte handle without[EOL]verifying that the declared payload size is at least 4 bytes. A malformed[EOL]or truncated message from ksmbd.mountd can lead to a 4-byte read past the[EOL]declared payload size. Validate the size before dereferencing.[EOL][EOL]This is a minimal fix to guard the initial handle read.
