CNNVD-202509-3919 Information

CNNVD ID

CNNVD-202509-3919

CVE-2025-57632

  • CNNVD Published: 2025-09-25

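Description (translated from Chinese)

libsmb2 is an SMB client developed by the individual developer Ronnie Sahlberg. libsmb2 version 6.2 contains a security vulnerability caused by not checking the upper bound of v->niov when processing SMB2 chained PDUs, which can lead to a heap out-of-bounds write and memory corruption, and in turn to arbitrary code execution.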

Description (English)

libsmb2 is an SMB client written by Ronnie Sahlberg, an individual developer. libsmb2 version 6.2 contains a vulnerability that stems from a missing upper-bound check on v->niov when processing SMB2 chained PDUs, which could result in an out-of-bounds heap write and memory corruption, and thus arbitrary code execution.

Hazard Level

High

Vulnerability Type

Other

Affected Vendor

Individual developer

Published

2025-09-25

Last Modified

2026-02-24

References

  • https://gist.github.com/ZjW1nd/0b95b63307ceee7890e88e4abc6f041e
  • https://github.com/sahlberg/libsmb2
  • https://github.com/sahlberg/libsmb2/blob/master/lib/compat.c#L569
