In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent out-of-bounds stream writes by validating pos ksmbd_vfs_stream_write() did not validate whether the write offset (pos) was within the bounds of the existing stream data length (vlen). If *pos was greater than or equal to vlen, this could lead to an out-of-bounds memory write. This patch adds a check to ensure *pos is less than v_len before proceeding. If the condition fails, -EINVAL is returned.