CVE-2025-37924

Summary

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix use-after-free in kerberos authentication

Setting sess->user = NULL was introduced to fix the dangling pointer created by ksmbd_free_user. However, it is possible another thread could be operating on the session and make use of sess->user after it has been passed to ksmbd_free_user but before sess->user is set to NULL.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < e34a33d5d7e87399af0a138bb32f6a3e95dd83d2affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < b447463562238428503cfba1c913261047772f90affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < e18c616718018dfc440e4a2d2b94e28fe91b1861affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 28c756738af44a404a91b77830d017bb0c525890affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < e86e9134e1d1c90a960dd57f59ce574d27b9a124affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux6.1.138 <= 6.1.*unaffected
LinuxLinux6.6.90 <= 6.6.*unaffected
LinuxLinux6.12.28 <= 6.12.*unaffected
LinuxLinux6.14.6 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References