CVE-2025-37899 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being free'd. The handler for that connection could be in the smb2_sess_setup function which makes use of sess->user.

PUBLISHED Reserved 2025-04-16 | Published 2025-05-20 | Updated 2026-05-11 | Assigner Linux

Product status

Default status

unaffected

0626e6641f6b467447c81dd7678a69c66f7746cf (git) before 931dc8a3670f71c45c0b1379ea4e92dafbda1aca

affected

0626e6641f6b467447c81dd7678a69c66f7746cf (git) before 70ad6455139e26e85f48f95d0e21f351c1909342

affected

0626e6641f6b467447c81dd7678a69c66f7746cf (git) before d5ec1d79509b3ee01de02c236f096bc050221b7f

affected

0626e6641f6b467447c81dd7678a69c66f7746cf (git) before 02d16046cd11a5c037b28c12ffb818c56dd3ef43

affected

0626e6641f6b467447c81dd7678a69c66f7746cf (git) before 2fc9feff45d92a92cd5f96487655d5be23fb7e2b

affected

Default status

affected

5.15

affected

Any version before 5.15

unaffected

6.1.159 (semver)

unaffected

6.6.119 (semver)

unaffected

6.12.28 (semver)

unaffected

6.14.6 (semver)

unaffected

6.15 (original_commit_for_fix)

unaffected

References

sean.heelan.io/...y-in-the-linux-kernels-smb-implementation/

news.ycombinator.com/item?id=44081338

git.kernel.org/...c/931dc8a3670f71c45c0b1379ea4e92dafbda1aca

git.kernel.org/...c/70ad6455139e26e85f48f95d0e21f351c1909342

git.kernel.org/...c/d5ec1d79509b3ee01de02c236f096bc050221b7f

git.kernel.org/...c/02d16046cd11a5c037b28c12ffb818c56dd3ef43

git.kernel.org/...c/2fc9feff45d92a92cd5f96487655d5be23fb7e2b

cve.org (CVE-2025-37899)

nvd.nist.gov (CVE-2025-37899)

Download JSON

help @ threatint.eu