CVE-2025-57632
BaseFortify
Publication date: 2025-09-25
Last updated on: 2025-09-26
Assigner: MITRE
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sahlberg | libsmb2 | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a buffer overflow in libsmb2 version 6.2 and later. It occurs when processing SMB2 chained PDUs (NextCommand). The library repeatedly appends to a fixed-size array without checking its upper limit, allowing an attacker to overflow the array and cause heap out-of-bounds writes. This can lead to memory corruption, crashes, and potentially arbitrary code execution. Additionally, the SMB2_OPLOCK_BREAK path bypasses message ID validation, increasing the risk.
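An added example (not libsmb2's code, and not from this page): a bounds-checked walk over an SMB2 compound response, showing the capacity check that the answer above describes as missing. The struct, the function names and the capacity of 8 are hypothetical; the 64-byte header and the NextCommand field at offset 20 follow the SMB2 header layout.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SMB2_HDR_SIZE    64u  /* fixed SMB2 header length */
#define NEXT_COMMAND_OFF 20u  /* NextCommand field offset inside the header */
#define MAX_CHAINED      8u   /* hypothetical capacity of the fixed-size array */
struct chain {                /* hypothetical bookkeeping, not libsmb2's type */
    size_t count;
    size_t offset[MAX_CHAINED];
};
static uint32_t le32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
/* Record the offset of every chained PDU; 0 on success, -1 if malformed or too many. */
int walk_chain(const uint8_t *buf, size_t len, struct chain *out) {
    size_t pos = 0;                                  /* invariant: pos <= len */
    out->count = 0;
    for (;;) {
        if (len - pos < SMB2_HDR_SIZE) return -1;    /* truncated header */
        if (memcmp(buf + pos, "\xfeSMB", 4) != 0) return -1;
        if (out->count == MAX_CHAINED) return -1;    /* upper-limit check before the append */
        out->offset[out->count++] = pos;
        uint32_t next = le32(buf + pos + NEXT_COMMAND_OFF);
        if (next == 0) return 0;                     /* last PDU in the chain */
        /* NextCommand must skip a whole header, be 8-byte aligned, and stay in the buffer. */
        if (next < SMB2_HDR_SIZE || (next & 7) || next > len - pos) return -1;
        pos += next;
    }
}

/* Constructed sample input: n bare headers chained back to back. */
size_t build_chain(uint8_t *buf, size_t cap, unsigned n) {
    size_t need = (size_t)n * SMB2_HDR_SIZE;
    if (need > cap) return 0;
    memset(buf, 0, need);
    for (unsigned i = 0; i < n; i++) {
        uint8_t *h = buf + (size_t)i * SMB2_HDR_SIZE;
        memcpy(h, "\xfeSMB", 4);
        h[NEXT_COMMAND_OFF] = (i + 1 < n) ? SMB2_HDR_SIZE : 0;
    }
    return need;
}

int main(void) {
    uint8_t buf[1024]; struct chain c;
    printf("9 chained PDUs -> %d\n", walk_chain(buf, build_chain(buf, sizeof buf, 9), &c));
    return 0;
}
```

A response that chains more PDUs than the array can hold is rejected as a whole instead of being appended past the end of `offset[]`.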
How can this vulnerability impact me?
This vulnerability can impact you by causing memory corruption and application crashes when processing malicious SMB2 responses. More seriously, it can allow an attacker to execute arbitrary code on the affected system, potentially leading to full system compromise or unauthorized access.