CVE-2025-37956

Summary

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: prevent rename with empty string

Client can send empty newname string to ksmbd server. It will cause a kernel oops from d_alloc. This patch return the error when attempting to rename a file or directory with an empty new name string.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 6ee551672c8cf36108b0cfba92ec0c7c28ac3439affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < c57301e332cc413fe0a7294a90725f4e21e9549daffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < d7f2c00acb1ef64304fd40ac507e9213ff1d9b5caffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 53e3e5babc0963a92d856a5ec0ce92c59f54bc12affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux6.6.91 <= 6.6.*unaffected
LinuxLinux6.12.29 <= 6.12.*unaffected
LinuxLinux6.14.7 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

References