macOS SMBClient Flaw Enables Remote Code Execution and Kernel Crashes
gbhackersA critical vulnerability has been discovered in Apple’s macOS SMBClient, exposing millions of users to the risk of remote code execution (RCE) and potentially catastrophic kernel crashes.
Tracked as CVE-2025-24269, this flaw is rated with a CVSS score of 9.8, marking it as one of the most severe security issues to affect the macOS platform in recent years.
Vulnerability Overview
According to the recent report, the vulnerability resides in the smbfs.kext kernel extension, specifically in the smb2_rq_decompress_read function.
Here, the SMBClient code fails to properly validate a length value (compress_len) received from the network before copying memory.
| CVE ID | Description | CVSS Score | Impact | Patched Version |
| CVE-2025-24269 | Kernel heap overflow in smb2_rq_decompress_read allows remote code execution and system crashes via malicious SMB traffic | 9.8 | RCE, DoS, Priv. Escalation | macOS Sequoia 15.4 |
When handling SMB2 compression (including LZNT1, LZ77, and LZ77_HUFFMAN algorithms), an attacker can craft a ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE