CVE-2025-38501

Summary

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: limit repeated connections from clients with the same IP

Repeated connections from clients with the same IP address may exhaust the max connections and prevent other normal client connections. This patch limit repeated connections from clients with the same IP.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < cb092fc3a62972a4aa47c9fe356c2c6a01cd840baffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < fa1c47af4ff641cf9197ecdb1f8240cbb30389c1affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 7e5d91d3e6c62a9755b36f29c35288f06c3cd86baffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < f1ce9258bcbce2491f9f71f7882b6eed0b33ec65affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 6073afe64510c302b7a0683a01e32c012eff715daffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < e6bb9193974059ddbb0ce7763fa3882bd60d4dc3affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux6.1.148 <= 6.1.*unaffected
LinuxLinux6.6.102 <= 6.6.*unaffected
LinuxLinux6.12.42 <= 6.12.*unaffected
LinuxLinux6.15.10 <= 6.15.*unaffected
LinuxLinux6.16.1 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References