{"uuid": "b326ce9c-d13c-4a09-bc89-087d541c560f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21946", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10050", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21946\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix out-of-bounds in parse_sec_desc()\n\nIf osidoffset, gsidoffset and dacloffset could be greater than smb_ntsd\nstruct size. If it is smaller, It could cause slab-out-of-bounds.\nAnd when validating sid, It need to check it included subauth array size.\n\ud83d\udccf Published: 2025-04-01T15:41:08.955Z\n\ud83d\udccf Modified: 2025-04-02T12:16:57.827Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/c1569dbbe2d43041be9f3fef7ca08bec3b66ad1b\n2. https://git.kernel.org/stable/c/159d059cbcb0e6d0e7a7b34af3862ba09a6b22d1\n3. https://git.kernel.org/stable/c/6a9831180d0b23b5c97e2bd841aefc8f82900172\n4. https://git.kernel.org/stable/c/d6e13e19063db24f94b690159d0633aaf72a0f03", "creation_timestamp": "2025-04-02T12:36:39.000000Z"}