PT-2025-33600 · Linux +1 · Linux Kernel +1

Published 2025-08-16 · Updated 2025-09-16 · CVE-2023-4130

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions:

Linux Kernel (affected versions not specified)

Description:

The Linux kernel contains a flaw within the ksmbd module related to the validation of extended attribute (EA) buffer lengths during SMB2 operations. Specifically, the `smb2_set_ea()` function incorrectly validates the length of the EA buffer, potentially leading to issues when processing multiple `smb2_ea_info` buffers within a `FILE_FULL_EA_INFORMATION` request from a client. The vulnerability arises from using the incorrect variable (`next`) instead of `buf_len` when determining the buffer length. The `NextEntryOffset` is used to locate the next `smb2_ea_info` entry.
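The length check the description calls for, as an added example (this is not the ksmbd source and not code from this page): each entry in a `NextEntryOffset` chain is validated against the bytes that remain in the buffer before it is read. The function name `ea_walk`, the simplified 8-byte entry header, the rejection of overlapping entries and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EA_HDR_LEN 8u /* NextEntryOffset(4) Flags(1) NameLength(1) ValueLength(2) */

/* Read a little-endian 32-bit value without relying on host byte order. */
static uint32_t le32(const uint8_t *p)
{
    return p[0] | (p[1] << 8) | (p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Walk a chain of EA entries. Returns the number of entries, or -1 if any
 * entry or offset does not fit in the bytes that remain. */
int ea_walk(const uint8_t *buf, size_t buf_len)
{
    int count = 0;

    for (;;) {
        if (buf_len < EA_HDR_LEN)          /* header must fit before it is read */
            return -1;
        uint32_t next = le32(buf);
        size_t need = EA_HDR_LEN + buf[5] + 1 + (size_t)(buf[6] | (buf[7] << 8));
        if (buf_len < need)                /* name + NUL + value must fit too */
            return -1;
        count++;
        if (next == 0)                     /* last entry in the chain */
            return count;
        /* Bound the offset by the remaining length (buf_len), not by a
         * previously read offset, and reject entries that overlap. */
        if (next < need || next > buf_len)
            return -1;
        buf += next;
        buf_len -= next;                   /* remaining bytes shrink per entry */
    }
}

/* Constructed sample: two entries, "a"="xy" (padded to 16 bytes) and "b"="z". */
static const uint8_t sample[] = {
    16, 0, 0, 0, 0, 1, 2, 0, 'a', 0, 'x', 'y', 0, 0, 0, 0,
     0, 0, 0, 0, 0, 1, 1, 0, 'b', 0, 'z',
};

int main(void)
{
    printf("full: %d, truncated: %d\n",
           ea_walk(sample, sizeof(sample)), ea_walk(sample, 20));
    return 0;
}
```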

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2023-4130

Affected Products

Debian
Linux Kernel