8.1
/ 10
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Description
In the Linux kernel, the following vulnerability has been resolved:
smb/client: fix possible infinite loop and oob read in symlink_data()
On 32-bit architectures, the infinite loop is as follows:
len = p->ErrorDataLength == 0xfffffff8
u8 *next = p->ErrorContextData + len
next == p
On 32-bit architectures, the out-of-bounds read is as follows:
len = p->ErrorDataLength == 0xfffffff0
u8 *next = p->ErrorContextData + len
next == (u8 *)p - 8
smb/client: fix possible infinite loop and oob read in symlink_data()
On 32-bit architectures, the infinite loop is as follows:
len = p->ErrorDataLength == 0xfffffff8
u8 *next = p->ErrorContextData + len
next == p
On 32-bit architectures, the out-of-bounds read is as follows:
len = p->ErrorDataLength == 0xfffffff0
u8 *next = p->ErrorContextData + len
next == (u8 *)p - 8
Basic Information
ID
CVE-2026-52967
Source
Linux
Published
Jun 24, 2026 at 16:28
Modified
Jun 28, 2026 at 06:37
Affected Product
Vendor
Linux
Product
Linux
Version
76894f3e2f71177747b8b4763fb180e800279585
Affected Versions
Linux Linux 76894f3e2f71177747b8b4763fb180e800279585
Linux Linux 76894f3e2f71177747b8b4763fb180e800279585
Linux Linux 76894f3e2f71177747b8b4763fb180e800279585
Linux Linux 76894f3e2f71177747b8b4763fb180e800279585
Linux Linux 76894f3e2f71177747b8b4763fb180e800279585
Linux Linux 76894f3e2f71177747b8b4763fb180e800279585
Linux Linux 2d046892a493d9760c35fdaefc3017f27f91b621
Linux Linux 6.0.16
Linux Linux 6.1
Linux Linux 76894f3e2f71177747b8b4763fb180e800279585
Linux Linux 76894f3e2f71177747b8b4763fb180e800279585
Linux Linux 76894f3e2f71177747b8b4763fb180e800279585
Linux Linux 76894f3e2f71177747b8b4763fb180e800279585
Linux Linux 76894f3e2f71177747b8b4763fb180e800279585
Linux Linux 2d046892a493d9760c35fdaefc3017f27f91b621
Linux Linux 6.0.16
Linux Linux 6.1
References
- git.kernel.org /stable/c/1cfa2d59f669db28d6292d10ff87ca6837c781b0
- git.kernel.org /stable/c/b41598bf54b3fe528994e573df6008f8f4d0a4f4
- git.kernel.org /stable/c/cd4b9b662f0fb9aa97ee6bf9034eca76fc6cab23
- git.kernel.org /stable/c/97a05b0ae9ea5ec052be2eef0f9cc7ce03501bbb
- git.kernel.org /stable/c/1b9331b16b0ed9414dcf7583d8134bdfeb117aae
- git.kernel.org /stable/c/7d9a7f1f96cd617ee9e75bb22217c709038e26b8