CVE-2025-40052 | Linux Kernel up to 6.6.111/6.12.52/6.17.2 Crypto API smb2ops.c cifs_sg_set_buf sensitive_size privilege escalation


A vulnerability classified as problematic has been found in Linux Kernel up to 6.6.111/6.12.52/6.17.2. The affected function is cifs_sg_set_buf in the file smb2ops.c of the Crypto API component. Manipulation of the argument sensitive_size leads to privilege escalation.

This vulnerability is tracked as CVE-2025-40052. The attack is only possible within the local network. No exploit exists.

It is advisable to upgrade the affected component.