CVE-2026-52967

HIGH

smb/client: fix possible infinite loop and oob read in symlink_data()

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix possible infinite loop and oob read in symlink_data() On 32-bit architectures, the infinite loop is as follows: len = p->ErrorDataLength == 0xfffffff8 u8 *next = p->ErrorContextData + len next == p On 32-bit architectures, the out-of-bounds read is as follows: len = p->ErrorDataLength == 0xfffffff0 u8 *next = p->ErrorContextData + len next == (u8 *)p - 8

Scores

CVSS v3 8.1
EPSS 0.0040
EPSS Percentile 32.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Details

Status published
Products (21)
linux/Kernel 6.1.0 - 6.1.175linux
linux/Kernel 6.13.0 - 6.18.33linux
linux/Kernel 6.19.0 - 7.0.10linux
linux/Kernel 6.2.0 - 6.6.141linux
linux/Kernel 6.7.0 - 6.12.91linux
Linux/Linux < 6.1
Linux/Linux 2d046892a493d9760c35fdaefc3017f27f91b621
Linux/Linux 6.0.16 - 6.1
Linux/Linux 6.1
Linux/Linux 6.1.175 - 6.1.*
... and 11 more
Published Jun 24, 2026
Tracked Since Jun 24, 2026