NVD

CVE-2025-21994 Detail

Modified

This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes.

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for num_aces field of smb_acl parse_dcal() validate num_aces to allocate posix_ace_state_array. if (num_aces > ULONG_MAX / sizeof(struct smb_ace *)) It is an incorrect validation that we can create an array of size ULONG_MAX. smb_acl has ->size field to calculate actual number of aces in request buffer size. Use this to check invalid num_aces.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: 5.5 MEDIUM

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL	Source(s)	Tag(s)
https://git.kernel.org/stable/c/1b8b67f3c5e5169535e26efedd3e422172e2db64	kernel.org	Patch
https://git.kernel.org/stable/c/9c4e202abff45f8eac17989e549fc7a75095f675	kernel.org	Patch
https://git.kernel.org/stable/c/a4cb17797a5d241f1e509cb5b46ed95a80c2f5fd	kernel.org	Patch
https://git.kernel.org/stable/c/c3a3484d9d31b27a3db0fab91fcf191132d65236	kernel.org	Patch
https://git.kernel.org/stable/c/d0f87370622a853b57e851f7d5a5452b72300f19	kernel.org	Patch
https://git.kernel.org/stable/c/f6a6721802ac2f12f4c1bbe839a4c229b61866f2	kernel.org	Patch
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html	CVE

Weakness Enumeration

CWE-ID	CWE Name	Source
NVD-CWE-noinfo	Insufficient Information	NIST

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

4 change records found show changes

Initial Analysis by NIST 10/28/2025 1:19:48 PM

Action	Type	New Value
Added	CVSS V3.1	AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Added	CWE	NVD-CWE-noinfo
Added	CPE Configuration	OR cpe:2.3:o:linux:linux_kernel:6.14:rc1::::::* cpe:2.3:o:linux:linux_kernel:6.14:rc2::::::* cpe:2.3:o:linux:linux_kernel:6.14:rc3::::::* cpe:2.3:o:linux:linux_kernel:6.14:rc4::::::* cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.13 up to (excluding) 6.13.9 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.2 up to (excluding) 6.6.85 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.15 up to (excluding) 5.15.180 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.16 up to (excluding) 6.1.132 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.7 up to (excluding) 6.12.21 cpe:2.3:o:linux:linux_kernel:6.14:rc5::::::*
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/1b8b67f3c5e5169535e26efedd3e422172e2db64 Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/9c4e202abff45f8eac17989e549fc7a75095f675 Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/a4cb17797a5d241f1e509cb5b46ed95a80c2f5fd Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/c3a3484d9d31b27a3db0fab91fcf191132d65236 Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/d0f87370622a853b57e851f7d5a5452b72300f19 Types: Patch
Added	Reference Type	kernel.org: https://git.kernel.org/stable/c/f6a6721802ac2f12f4c1bbe839a4c229b61866f2 Types: Patch

New CVE Received from kernel.org 4/02/2025 10:16:01 AM

Action	Type	New Value
Added	Description	In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for num_aces field of smb_acl parse_dcal() validate num_aces to allocate posix_ace_state_array. if (num_aces > ULONG_MAX / sizeof(struct smb_ace *)) It is an incorrect validation that we can create an array of size ULONG_MAX. smb_acl has ->size field to calculate actual number of aces in request buffer size. Use this to check invalid num_aces.
Added	Reference	https://git.kernel.org/stable/c/1b8b67f3c5e5169535e26efedd3e422172e2db64
Added	Reference	https://git.kernel.org/stable/c/9c4e202abff45f8eac17989e549fc7a75095f675
Added	Reference	https://git.kernel.org/stable/c/a4cb17797a5d241f1e509cb5b46ed95a80c2f5fd
Added	Reference	https://git.kernel.org/stable/c/d0f87370622a853b57e851f7d5a5452b72300f19
Added	Reference	https://git.kernel.org/stable/c/f6a6721802ac2f12f4c1bbe839a4c229b61866f2

Quick Info

CVE Dictionary Entry:
CVE-2025-21994
NVD Published Date:
04/02/2025
NVD Last Modified:
11/03/2025
Source:
kernel.org

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

CVE-2025-21994 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Change History

CVE Modified by CVE 11/03/2025 3:17:35 PM

Initial Analysis by NIST 10/28/2025 1:19:48 PM

CVE Modified by kernel.org 4/10/2025 9:15:49 AM

New CVE Received from kernel.org 4/02/2025 10:16:01 AM

Quick Info