CVE-2025-21660

Summary

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked

When ksmbd_vfs_kern_path_locked met an error and it is not the last entry, it will exit without restoring changed path buffer. But later this buffer may be used as the filename for creation.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd1b2d2a9c912fc7b788985fbaf944e80f4b3f2af < 13e41c58c74baa71f34c0830eaa3c29d53a6e964affected
LinuxLinux6ab95e27b77730de3fa2d601db3764490c5eede2 < 65b31b9d992c0fb0685c51a0cf09993832734fc4affected
LinuxLinuxc5a709f08d40b1a082e44ffcde1aea4d2822ddd5 < 51669f4af5f7959565b48e55691ba92fabf5c587affected
LinuxLinuxc5a709f08d40b1a082e44ffcde1aea4d2822ddd5 < 2ac538e40278a2c0c051cca81bcaafc547d61372affected
LinuxLinuxd205cb1a13b37b2660df70a972dedc8c4ba1c2e8affected
LinuxLinuxc1e27b70e79050530c671b9dab688386c86f039aaffected
LinuxLinux6.1.113 < 6.1.125affected
LinuxLinux6.6.54 < 6.6.72affected
LinuxLinux6.10.13 < 6.11affected
LinuxLinux6.11.2 < 6.12affected
LinuxLinux6.12affected
LinuxLinux0 < 6.12unaffected
LinuxLinux6.1.125 <= 6.1.*unaffected
LinuxLinux6.6.72 <= 6.6.*unaffected
LinuxLinux6.12.10 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References