Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
libsmb2 6.2+ is vulnerable to Buffer Overflow. When processing SMB2 chained PDUs (NextCommand), libsmb2 repeatedly calls smb2_add_iovector() to append to a fixed-size iovec array without checking the upper bound of v->niov (SMB2_MAX_VECTORS=256). An attacker can craft responses with many chained PDUs to overflow v->niov and perform heap out-of-bounds writes, causing memory corruption, crashes, and potentially arbitrary code execution. The SMB2_OPLOCK_BREAK path bypasses message ID validation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
libsmb2 安全漏洞
Vulnerability Description
libsmb2是Ronnie Sahlberg个人开发者的一个SMB客户端。 libsmb2 6.2版本存在安全漏洞,该漏洞源于处理SMB2链接PDU时未检查v->niov上限,可能导致堆越界写入和内存损坏,进而引发任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A