{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-21660","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-12-29T08:45:45.732Z","datePublished":"2025-01-21T12:18:16.062Z","dateUpdated":"2025-11-03T20:58:36.129Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T13:06:12.428Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked\n\nWhen `ksmbd_vfs_kern_path_locked` met an error and it is not the last\nentry, it will exit without restoring changed path buffer. But later this\nbuffer may be used as the filename for creation."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/smb/server/vfs.c"],"versions":[{"version":"d1b2d2a9c912fc7b788985fbaf944e80f4b3f2af","lessThan":"13e41c58c74baa71f34c0830eaa3c29d53a6e964","status":"affected","versionType":"git"},{"version":"6ab95e27b77730de3fa2d601db3764490c5eede2","lessThan":"65b31b9d992c0fb0685c51a0cf09993832734fc4","status":"affected","versionType":"git"},{"version":"c5a709f08d40b1a082e44ffcde1aea4d2822ddd5","lessThan":"51669f4af5f7959565b48e55691ba92fabf5c587","status":"affected","versionType":"git"},{"version":"c5a709f08d40b1a082e44ffcde1aea4d2822ddd5","lessThan":"2ac538e40278a2c0c051cca81bcaafc547d61372","status":"affected","versionType":"git"},{"version":"d205cb1a13b37b2660df70a972dedc8c4ba1c2e8","status":"affected","versionType":"git"},{"version":"c1e27b70e79050530c671b9dab688386c86f039a","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/smb/server/vfs.c"],"versions":[{"version":"6.12","status":"affected"},{"version":"0","lessThan":"6.12","status":"unaffected","versionType":"semver"},{"version":"6.1.125","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.72","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.10","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.113","versionEndExcluding":"6.1.125"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.54","versionEndExcluding":"6.6.72"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12","versionEndExcluding":"6.12.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12","versionEndExcluding":"6.13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.10.13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11.2"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/13e41c58c74baa71f34c0830eaa3c29d53a6e964"},{"url":"https://git.kernel.org/stable/c/65b31b9d992c0fb0685c51a0cf09993832734fc4"},{"url":"https://git.kernel.org/stable/c/51669f4af5f7959565b48e55691ba92fabf5c587"},{"url":"https://git.kernel.org/stable/c/2ac538e40278a2c0c051cca81bcaafc547d61372"}],"title":"ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T20:58:36.129Z"}}]}}