**Name of the Vulnerable Software and Affected Versions:**

Linux Kernel (affected versions not specified)

kernel-image-rpi-un version 6.1.77-alt1

**Description:**

The Linux Kernel contains a heap-based buffer overflow in the ksmbd module, specifically within the `ksmbd decode ntlmssp auth blob()` function. This occurs when the `authblob->SessionKey.Length` value exceeds the expected session key size (`CIFS KEY SIZE`), leading to a slub overflow during key exchange code processing. The `cifs arc4 crypt` function copies data from the client's `SessionKey` into a session key array. This vulnerability could allow a remote attacker to execute arbitrary code.

**Recommendations:**

Update kernel-image-rpi-un to version 6.1.77-alt1.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.