Buffer Overflow Vulnerability in libsmb2 by Sahlberg
CVE-2025-57632

7.5 HIGH

Key Information:

Vendor: Sahlberg

Status
Vendor
CVE Published: 25 September 2025

What is CVE-2025-57632?

The libsmb2 library, versions 6.2 and above, contains a buffer overflow vulnerability in the processing of SMB2 chained PDUs. While handling a chain, the library calls smb2_add_iovector(), which appends to a fixed-size iovec array without checking the number of I/O vectors against the array's bound. An adversary can exploit this by sending specially crafted responses containing many chained PDUs, overflowing the iovec array. The result may be memory corruption, application crashes, and potentially execution of arbitrary code. The flaw is also exposed on the SMB2_OPLOCK_BREAK path, which circumvents message ID validation.
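
The missing check described above, shown as an added example that is not libsmb2's code or its fix: an append routine that refuses to write past a fixed-size iovec array, and a chained-PDU loop that treats that refusal as a protocol error. The names `io_vectors`, `add_iovector_checked`, `queue_chained_pdus` and the `MAX_VECTORS` value are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <sys/uio.h>

#define MAX_VECTORS 8   /* constructed capacity for the demo, not libsmb2's value */

/* Hypothetical stand-in for a receive-side vector list with a fixed array. */
struct io_vectors {
    size_t niov;                     /* slots currently in use */
    struct iovec iov[MAX_VECTORS];   /* fixed-size storage */
};

/* Bounds-checked append: returns the new slot, or NULL when the array is full. */
static struct iovec *add_iovector_checked(struct io_vectors *v,
                                          uint8_t *buf, size_t len)
{
    if (v == NULL || v->niov >= MAX_VECTORS)
        return NULL;                 /* refuse instead of writing out of bounds */
    struct iovec *slot = &v->iov[v->niov++];
    slot->iov_base = buf;
    slot->iov_len = len;
    return slot;
}

/* Queue one vector per chained PDU in a reply.
 * Returns the number of vectors in use, or -1 if the chain does not fit. */
static int queue_chained_pdus(struct io_vectors *v, uint8_t *hdr,
                              size_t hdr_len, size_t chained)
{
    for (size_t i = 0; i < chained; i++) {
        if (add_iovector_checked(v, hdr, hdr_len) == NULL)
            return -1;               /* caller should drop the connection */
    }
    return (int)v->niov;
}

int main(void)
{
    static uint8_t hdr[64];          /* constructed placeholder header bytes */
    struct io_vectors v = { 0 };
    /* A reply chaining far more PDUs than the array holds must be refused. */
    return queue_chained_pdus(&v, hdr, sizeof hdr, 1000) == -1 ? 0 : 1;
}
```
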

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
