THREATINT
PUBLISHED

CVE-2025-22038

ksmbd: validate zero num_subauth before sub_auth is accessed



Description

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: validate zero num_subauth before sub_auth is accessed

Access psid->sub_auth[psid->num_subauth - 1] without checking if num_subauth is non-zero leads to an out-of-bounds read. This patch adds a validation step to ensure num_subauth != 0 before sub_auth is accessed.
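The check described above, as an added C sketch rather than the kernel's ksmbd source: the struct layout, the two size constants and the helper names are assumptions made for illustration, and the upper-bound test goes beyond the zero check the description mentions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NUM_AUTHS 6                  /* assumed sizes for this sketch */
#define SID_MAX_SUB_AUTHORITIES 15

/* Simplified stand-in for the SID behind `psid`; layout is an assumption. */
struct sid {
    uint8_t  revision;
    uint8_t  num_subauth;            /* count supplied by the peer */
    uint8_t  authority[NUM_AUTHS];
    uint32_t sub_auth[SID_MAX_SUB_AUTHORITIES];
};

/* Index that the unchecked expression sub_auth[num_subauth - 1] would use.
 * num_subauth is promoted to int, so a count of 0 yields -1, not 255. */
static ptrdiff_t last_subauth_index(const struct sid *psid)
{
    return (ptrdiff_t)psid->num_subauth - 1;
}

/* Validated read of the last sub-authority: returns 0 on success, -1 when
 * the count is zero (the case in this CVE) or exceeds the array size
 * (an extra bound added in this sketch). *out is untouched on failure. */
static int sid_last_subauth(const struct sid *psid, uint32_t *out)
{
    if (psid->num_subauth == 0 ||
        psid->num_subauth > SID_MAX_SUB_AUTHORITIES)
        return -1;
    *out = psid->sub_auth[psid->num_subauth - 1];
    return 0;
}

int main(void)
{
    /* Constructed samples: a two-element SID and one with a zero count. */
    struct sid ok = { .revision = 1, .num_subauth = 2, .sub_auth = { 21, 1000 } };
    struct sid empty = { .revision = 1, .num_subauth = 0 };
    uint32_t v = 0;

    int rc = sid_last_subauth(&ok, &v);
    printf("ok:    index %td rc %d value %u\n",
           last_subauth_index(&ok), rc, (unsigned)v);
    rc = sid_last_subauth(&empty, &v);
    printf("empty: index %td rc %d (rejected before any read)\n",
           last_subauth_index(&empty), rc);
    return 0;
}
```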

Reserved 2024-12-29 | Published 2025-04-16 | Updated 2025-05-26 | Assigner Linux

Product status

Default status: unaffected

0626e6641f6b467447c81dd7678a69c66f7746cf before 3ac65de111c686c95316ade660f8ba7aea3cd3cc: affected

0626e6641f6b467447c81dd7678a69c66f7746cf before 0e36a3e080d6d8bd7a34e089345d043da4ac8283: affected

0626e6641f6b467447c81dd7678a69c66f7746cf before 56de7778a48560278c334077ace7b9ac4bfb2fd1: affected

0626e6641f6b467447c81dd7678a69c66f7746cf before 68c6c3142bfcdb049839d40a9a59ebe8ea865002: affected

0626e6641f6b467447c81dd7678a69c66f7746cf before c8bfe1954a0b89e7b29b3a3e7f4c5e0ebd295e20: affected

0626e6641f6b467447c81dd7678a69c66f7746cf before bf21e29d78cd2c2371023953d9c82dfef82ebb36: affected

Default status: affected

5.15: affected

Any version before 5.15: unaffected

6.1.134: unaffected

6.6.87: unaffected

6.12.23: unaffected

6.13.11: unaffected

6.14.2: unaffected

6.15: unaffected

References

git.kernel.org/...c/3ac65de111c686c95316ade660f8ba7aea3cd3cc

git.kernel.org/...c/0e36a3e080d6d8bd7a34e089345d043da4ac8283

git.kernel.org/...c/56de7778a48560278c334077ace7b9ac4bfb2fd1

git.kernel.org/...c/68c6c3142bfcdb049839d40a9a59ebe8ea865002

git.kernel.org/...c/c8bfe1954a0b89e7b29b3a3e7f4c5e0ebd295e20

git.kernel.org/...c/bf21e29d78cd2c2371023953d9c82dfef82ebb36

cve.org (CVE-2025-22038)

nvd.nist.gov (CVE-2025-22038)
