Yang Chaoming

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.6.10 **Description** The issue is related to the smb2 get data area len function in the fs/smb/server/smb2misc.c file of the KSMBD file system in the Linux kernel. It is associated with an out-of-bounds access in the smb strndup from utf16 function due to mishandling of the relationship between Name data and CreateContexts data. This can potentially impact the confidentiality, integrity, and availability of protected information. **Recommendations** For Linux kernel versions prior to 6.6.10, update to version 6.6.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable smb2 get data area len function in fs/smb/server/smb2misc.c until a patch is available.