Acknowledged
Created: Oct 31, 2025
Updated: Nov 3, 2025
Found In Version: 10.25.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 25
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:[EOL][EOL]cifs: parse_dfs_referrals: prevent oob on malformed input[EOL][EOL]Malicious SMB server can send invalid reply to FSCTL_DFS_GET_REFERRALS[EOL][EOL]- reply smaller than sizeof(struct get_dfs_referral_rsp)[EOL]- reply with number of referrals smaller than NumberOfReferrals in the[EOL]header[EOL][EOL]Processing of such replies will cause oob.[EOL][EOL]Return -EINVAL error on such replies to prevent oob-s.
