CVE-2025-37947

Published May 20, 2025

Last updated 5 months ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-37947 is a vulnerability in the Linux kernel's ksmbd filesystem component, specifically in the `ksmbd_vfs_stream_write()` function, disclosed on May 20, 2025. The function does not validate that the write offset (`*pos`) is within the bounds of the existing stream data length (`v_len`). If `*pos` is greater than or equal to `v_len`, the write can land out of bounds in kernel memory, potentially causing memory corruption or system crashes. The patch adds a validation check to `ksmbd_vfs_stream_write()` that ensures `*pos` is less than `v_len` before proceeding with the write operation and returns `-EINVAL` if the condition fails.

Description
In the Linux kernel, the following vulnerability has been resolved:

ksmbd: prevent out-of-bounds stream writes by validating *pos

ksmbd_vfs_stream_write() did not validate whether the write offset (*pos) was within the bounds of the existing stream data length (v_len). If *pos was greater than or equal to v_len, this could lead to an out-of-bounds memory write.

This patch adds a check to ensure *pos is less than v_len before proceeding. If the condition fails, -EINVAL is returned.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status
Awaiting Analysis

Social media

Hype score
Not currently trending
  1. Top 5 Trending CVEs: 1 - CVE-2021-28550 2 - CVE-2025-33073 3 - CVE-2023-20870 4 - CVE-2025-37947 5 - CVE-2025-22131 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    26 Oct 2025

  2. ksmbd - Exploiting CVE-2025-37947 Article by @73696e65 about locally exploiting CVE-2025-37947 — a page OOB write in the ksmbd module. Article: https://t.co/V5LBTtOqxY Exploit: https://t.co/knpaTnIO2j https://t.co/jADk5UqFEn

    @linkersec

    24 Oct 2025

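  3. Linux kernel ksmbd module vulnerability CVE-2025-37947: local privilege escalation and PoC release https://t.co/02xnThNPhy The cause of this vulnerability is insufficient size validation of extended attribute (xattr) writes in ksmbd_vfs_stream_write(). Allocation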

    @iototsecnews

    20 Oct 2025

  4. Exploiting CVE-2025-37947 (Linux kernel's ksmbd) https://t.co/3l5LuiehvQ

    @Karma_X_Inc

    19 Oct 2025

  5. ksmbd - Exploiting CVE-2025-37947 (3/3) https://t.co/J3XQM6nK4L

    @ytroncal

    12 Oct 2025

  6. CVE-2025-37947 : Linux kernel's ksmbd LPE Exploiting https://t.co/9BOFXgcoNH https://t.co/Sfw9mCfMrS

    @freedomhack101

    9 Oct 2025

  7. #exploit #Kernel_Security Ksmbd Vulnerability Research Part 1 - CVE-2024-50283, CVE-2024-50285, CVE-2024-50286 - https://t.co/zoZsNbjEJK Part 2 - Fuzzing Improvements and Vulnerability Discovery - https://t.co/t1xCLqun8C Part 3 - Exploiting CVE-2025-37947 -

    @ksg93rd

    9 Oct 2025

  8. csirt_it: ‼ #Linux: a #PoC is available for the combined exploitation of CVE-2025-37947 relating to the #KSMBD module Risk: 🟠 Type: 🔸 Privilege Escalation 🔗 https://t.co/uEP8YyGW7C ⚠ Important to keep up to date the… https://t.co/A

    @Vulcanux_

    9 Oct 2025

  9. 🔥 Critical alert for Linux admins! A high-severity vulnerability (CVE-2025-37947) in the Linux kernel's ksmbd allows privilege escalation to root access. Your systems are at risk! 🚨 Update your distros NOW. #Linux #CyberSecurity #CVE https://t.co/8Qt

    @fernandokarl

    9 Oct 2025

  10. ksmbd - Exploiting CVE-2025-37947 (3/3) https://t.co/AvRjgQT32z https://t.co/dKxpvu7YiR

    @Tinolle1955

    8 Oct 2025

  11. ksmbd - Exploiting CVE-2025-37947 (3/3) https://t.co/7I0RV6RcYh

    @Dinosn

    8 Oct 2025
