CVE-2025-37947 PoC — ksmbd: prevent out-of-bounds stream writes by validating *pos

Source
Associated Vulnerability
Title: ksmbd: prevent out-of-bounds stream writes by validating *pos (CVE-2025-37947)
Description: In the Linux kernel, the following vulnerability has been resolved:

ksmbd: prevent out-of-bounds stream writes by validating *pos

ksmbd_vfs_stream_write() did not validate whether the write offset (*pos) was within the bounds of the existing stream data length (v_len). If *pos was greater than or equal to v_len, this could lead to an out-of-bounds memory write.

This patch adds a check to ensure *pos is less than v_len before proceeding. If the condition fails, -EINVAL is returned.
Description
Blog Post: https://blog.doyensec.com/2025/10/08/ksmbd-3.html
File Snapshot

[4.0K] /data/pocs/f48771b32ae545f18d25ea6914756213aa293b0d
├── [ 720] bpf-tracer.sh
├── [ 20K] CVE-2025-37947.c
├── [1.3K] ksmbd.conf
├── [ 366] Makefile
├── [7.5K] proof-of-concept.c
├── [ 442] readme.md
└── [ 383] run-qemu.sh

1 directory, 7 files