{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-68806","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-12-24T10:30:51.045Z","datePublished":"2026-01-13T15:29:13.797Z","dateUpdated":"2026-05-11T21:53:42.014Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:53:42.014Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix buffer validation by including null terminator size in EA length\n\nThe smb2_set_ea function, which handles Extended Attributes (EA),\nwas performing buffer validation checks that incorrectly omitted the size\nof the null terminating character (+1 byte) for EA Name.\nThis patch fixes the issue by explicitly adding '+ 1' to EaNameLength where\nthe null terminator is expected to be present in the buffer, ensuring\nthe validation accurately reflects the total required buffer size."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/smb/server/smb2pdu.c"],"versions":[{"version":"d070c4dd2a5bed4e9832eec5b6c029c7d14892ea","lessThan":"cae52c592a07e1d3fa3338a5f064a374a5f26750","status":"affected","versionType":"git"},{"version":"0ba5439d9afa2722e7728df56f272c89987540a4","lessThan":"a28a375a5439eb474e9f284509a407efb479c925","status":"affected","versionType":"git"},{"version":"0ba5439d9afa2722e7728df56f272c89987540a4","lessThan":"d26af6d14da43ab92d07bc60437c62901dc522e6","status":"affected","versionType":"git"},{"version":"0ba5439d9afa2722e7728df56f272c89987540a4","lessThan":"6dc8cf6e7998ef7aeb9383a4c2904ea5d22fa2e4","status":"affected","versionType":"git"},{"version":"0ba5439d9afa2722e7728df56f272c89987540a4","lessThan":"95d7a890e4b03e198836d49d699408fd1867cb55","status":"affected","versionType":"git"},{"version":"bb5bf157b5be1643cccc7cbbe57fcdef9ae52c2c","status":"affected","versionType":"git"},{"version":"1a13ecb96230e8b7b91967e292836f7b01ec8111","status":"affected","versionType":"git"},{"version":"404e7c01e16288b5e0171d1d8fd3328e806d0794","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/smb/server/smb2pdu.c"],"versions":[{"version":"6.6","status":"affected"},{"version":"0","lessThan":"6.6","status":"unaffected","versionType":"semver"},{"version":"6.1.160","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.120","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.64","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.3","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"6.19","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.52","versionEndExcluding":"6.1.160"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.6.120"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.12.64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.18.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.19"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.131"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.15"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5.2"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/cae52c592a07e1d3fa3338a5f064a374a5f26750"},{"url":"https://git.kernel.org/stable/c/a28a375a5439eb474e9f284509a407efb479c925"},{"url":"https://git.kernel.org/stable/c/d26af6d14da43ab92d07bc60437c62901dc522e6"},{"url":"https://git.kernel.org/stable/c/6dc8cf6e7998ef7aeb9383a4c2904ea5d22fa2e4"},{"url":"https://git.kernel.org/stable/c/95d7a890e4b03e198836d49d699408fd1867cb55"}],"title":"ksmbd: fix buffer validation by including null terminator size in EA length","x_generator":{"engine":"bippy-1.2.0"}}}}