We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-37926

ksmbd: fix use-after-free in ksmbd_session_rpc_open



Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbd_session_rpc_open A UAF issue can occur due to a race condition between ksmbd_session_rpc_open() and __session_rpc_close(). Add rpc_lock to the session to protect it.

Reserved 2025-04-16 | Published 2025-05-20 | Updated 2025-05-26 | Assigner Linux

Product status

Default status
unaffected

0626e6641f6b467447c81dd7678a69c66f7746cf before 8fb3b6c85b7e3127161623586b62abcc366caa20
affected

0626e6641f6b467447c81dd7678a69c66f7746cf before 6323fec65fe54b365961fed260dd579191e46121
affected

0626e6641f6b467447c81dd7678a69c66f7746cf before a1f46c99d9ea411f9bf30025b912d881d36fc709
affected

Default status
affected

5.15
affected

Any version before 5.15
unaffected

6.12.28
unaffected

6.14.6
unaffected

6.15
unaffected

References

git.kernel.org/...c/8fb3b6c85b7e3127161623586b62abcc366caa20

git.kernel.org/...c/6323fec65fe54b365961fed260dd579191e46121

git.kernel.org/...c/a1f46c99d9ea411f9bf30025b912d881d36fc709

cve.org (CVE-2025-37926)

nvd.nist.gov (CVE-2025-37926)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-37926

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.