CVE-2025-38191

Summary

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix null pointer dereference in destroy_previous_session

If client set ->PreviousSessionId on kerberos session setup stage, NULL pointer dereference error will happen. Since sess->user is not set yet, It can pass the user argument as NULL to destroy_previous_session. sess->user will be set in ksmbd_krb5_authenticate(). So this patch move calling destroy_previous_session() after ksmbd_krb5_authenticate().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 281afc52e2961cd5dd8326ebc9c5bc40904c0468affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 0902625a24eea7fdc187faa5d97df244d159dd6eaffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 1193486dffb7432a09f57f5d09049b4d4123538baffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 076f1adefb9837977af7ed233883842ddc446644affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 7ac5b66acafcc9292fb935d7e03790f2b8b2dc0eaffected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux6.1.142 <= 6.1.*unaffected
LinuxLinux6.6.95 <= 6.6.*unaffected
LinuxLinux6.12.35 <= 6.12.*unaffected
LinuxLinux6.15.4 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References