Security Advisory

CVE-2025-68806

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-13 15:29:13
Last updated 2026-05-23 16:02:54
Assigner Linux
State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix buffer validation by including null terminator size in EA length The smb2_set_ea function, which handles Extended Attributes (EA), was performing buffer validation checks that incorrectly omitted the size of the null terminating character (+1 byte) for EA Name. This patch fixes the issue by explicitly adding + 1 to EaNameLength where the null terminator is expected to be present in the buffer, ensuring the validation accurately reflects the total required buffer size.