CVE-2025-37899
published 2025-05-20CVE-2025-37899: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be in use…
PriorityP276high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
0.35%
27.3th percentile
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in session logoff
The sess->user object can currently be in use by another thread, for
example if another connection has sent a session setup request to
bind to the session being free'd. The handler for that connection could
be in the smb2_sess_setup function which makes use of sess->user.
Affected
20 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 6.1.159-1 (bookworm) | linux 6.1.159-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.159-1 (bookworm) | linux 6.1.159-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= 0626e6641f6b467447c81dd7678a69c66f7746cf < 931dc8a3670f71c45c0b1379ea4e92dafbda1aca | 931dc8a3670f71c45c0b1379ea4e92dafbda1aca |
| linux | linux | >= 0626e6641f6b467447c81dd7678a69c66f7746cf < 70ad6455139e26e85f48f95d0e21f351c1909342 | 70ad6455139e26e85f48f95d0e21f351c1909342 |
| linux | linux | >= 0626e6641f6b467447c81dd7678a69c66f7746cf < d5ec1d79509b3ee01de02c236f096bc050221b7f | d5ec1d79509b3ee01de02c236f096bc050221b7f |
| linux | linux | >= 0626e6641f6b467447c81dd7678a69c66f7746cf < 02d16046cd11a5c037b28c12ffb818c56dd3ef43 | 02d16046cd11a5c037b28c12ffb818c56dd3ef43 |
| linux | linux | >= 0626e6641f6b467447c81dd7678a69c66f7746cf < 2fc9feff45d92a92cd5f96487655d5be23fb7e2b | 2fc9feff45d92a92cd5f96487655d5be23fb7e2b |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 6.1.159-1 | 6.1.159-1 |
| linux | linux_kernel | >= 0 < 6.12.29-1 | 6.12.29-1 |
| linux | linux_kernel | >= 0 < 6.12.29-1 | 6.12.29-1 |
| linux | linux_kernel | >= 0 < 6.8.0-101.101 | 6.8.0-101.101 |
| linux | linux_kernel | >= 0 < 6.14.0-24.24 | 6.14.0-24.24 |
| linux | linux_kernel | >= 5.15 < 6.12.28 | 6.12.28 |
| linux | linux_kernel | >= 6.13 < 6.14.6 | 6.14.6 |
| msrc | azl3_kernel_6.6.104.2-4_on_azure_linux_3.0 | — | — |
| msrc | azl3_kernel_6.6.96.2-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_kernel_6.6.96.2-2_on_azure_linux_3.0 | — | — |
| msrc | cbl2_kernel_5.15.186.1-1_on_cbl_mariner_2.0 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →The vulnerability exists in the Linux kernel's ksmbd (SMB network file system) subsystem — specifically a use-after-free in session logoff triggered via concurrent SMB2 session setup requests binding to a session being freed. Monitor for unexpected ksmbd crashes or memory corruption in SMB server workloads. ↗
- →The vulnerable code path is in the smb2_sess_setup function within the ksmbd kernel module. Detection should focus on concurrent SMB2 SESSION_SETUP requests targeting the same session on Linux SMB servers running ksmbd. ↗
- ·Debian bookworm fix is available in kernel version 6.1.159-1; forky, sid, and trixie are fixed in 6.12.29-1. Systems running older kernel versions remain vulnerable. ↗
- ·Red Hat Enterprise Linux 6, 7, 8, 9, and 10 (including kernel-rt variants) are all listed as Not Affected for this CVE. ↗
- ·The vulnerability scope is local and affects the SMB network file system (ksmbd) subsystem. Ubuntu's security notice groups it with CVE-2025-22037 under the same SMB subsystem fix. ↗
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH
vulncheck7.8HIGH
vendor_debian7.8HIGH
vendor_redhat7.8HIGH
vendor_ubuntu7.8HIGH
vendor_msrc4.7MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
linux-azure-6.8 vulnerabilities
osv·2026-03-25·CVSS 3.2
[LOW] linux-azure-6.8 vulnerabilities
linux-azure-6.8 vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores,
OSV
linux-azure vulnerabilities
osv·2026-03-25
linux-azure vulnerabilities
linux-azure vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Xtensa arch
OSV
linux-azure-fips vulnerabilities
osv·2026-03-24·CVSS 5.5
CVE-2025-22037 [MEDIUM] linux-azure-fips vulnerabilities
linux-azure-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
OSV
linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities
osv·2026-03-10·CVSS 5.5
CVE-2025-22037 [MEDIUM] linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities
linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
OSV
linux-aws-fips vulnerabilities
osv·2026-03-04·CVSS 5.5
CVE-2025-22037 [MEDIUM] linux-aws-fips vulnerabilities
linux-aws-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
OSV
linux-aws, linux-aws-6.8, linux-ibm, linux-ibm-6.8, linux-xilinx vulnerabilities
osv·2026-02-26·CVSS 5.5
CVE-2025-22037 [MEDIUM] linux-aws, linux-aws-6.8, linux-ibm, linux-ibm-6.8, linux-xilinx vulnerabilities
linux-aws, linux-aws-6.8, linux-ibm, linux-ibm-6.8, linux-xilinx vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
OSV
linux-gcp, linux-gcp-6.8, linux-gke, linux-oracle-6.8 vulnerabilities
osv·2026-02-25·CVSS 5.5
CVE-2025-22037 [MEDIUM] linux-gcp, linux-gcp-6.8, linux-gke, linux-oracle-6.8 vulnerabilities
linux-gcp, linux-gcp-6.8, linux-gke, linux-oracle-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
OSV
linux-fips, linux-gcp-fips vulnerabilities
osv·2026-02-25·CVSS 5.5
CVE-2025-22037 [MEDIUM] linux-fips, linux-gcp-fips vulnerabilities
linux-fips, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
OSV
linux-realtime, linux-realtime-6.8 vulnerabilities
osv·2026-02-25·CVSS 5.5
CVE-2025-22037 [MEDIUM] linux-realtime, linux-realtime-6.8 vulnerabilities
linux-realtime, linux-realtime-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
OSV
linux-raspi-realtime vulnerabilities
osv·2026-02-24·CVSS 5.5
CVE-2025-22037 [MEDIUM] linux-raspi-realtime vulnerabilities
linux-raspi-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
OSV
linux, linux-gkeop, linux-hwe-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle, linux-raspi vulnerabilities
osv·2026-02-24·CVSS 5.5
CVE-2025-22037 [MEDIUM] linux, linux-gkeop, linux-hwe-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle, linux-raspi vulnerabilities
linux, linux-gkeop, linux-hwe-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle, linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
OSV
linux-azure vulnerabilities
osv·2025-08-28·CVSS 7.8
[HIGH] linux-azure vulnerabilities
linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PA-RISC architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Ublk userspace block driver;
- Bluetooth drivers;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- IIO ADC drivers;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Network drivers;
- Mellanox network drivers;
- PCI subsystem;
- PHY drivers;
- PTP
OSV
linux-aws-6.14 vulnerabilities
osv·2025-07-24·CVSS 7.8
[HIGH] linux-aws-6.14 vulnerabilities
linux-aws-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PA-RISC architecture;
- PowerPC architecture;
- S390 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Ublk userspace block driver;
- Bluetooth drivers;
- ARM SCMI message protocol;
- GPU drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Network drivers;
- PCI subsystem;
- PTP clock framework;
- SPI subsystem;
- BTRFS file system;
- SMB network file system;
- eXpress Data Path;
- Universal MIDI packet (UMP) support module;
- Tracing infrastructure;
- Memory management;
- IPv4 networking;
- IPv6 networking;
- Net
OSV
linux-aws vulnerabilities
osv·2025-07-22·CVSS 7.8
[HIGH] linux-aws vulnerabilities
linux-aws vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PA-RISC architecture;
- PowerPC architecture;
- S390 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Ublk userspace block driver;
- Bluetooth drivers;
- ARM SCMI message protocol;
- GPU drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Network drivers;
- PCI subsystem;
- PTP clock framework;
- SPI subsystem;
- BTRFS file system;
- SMB network file system;
- eXpress Data Path;
- Universal MIDI packet (UMP) support module;
- Tracing infrastructure;
- Memory management;
- IPv4 networking;
- IPv6 networking;
- Network
OSV
linux-oracle vulnerabilities
osv·2025-07-22·CVSS 7.8
[HIGH] linux-oracle vulnerabilities
linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PA-RISC architecture;
- PowerPC architecture;
- S390 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Ublk userspace block driver;
- Bluetooth drivers;
- ARM SCMI message protocol;
- GPU drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Network drivers;
- PCI subsystem;
- PTP clock framework;
- SPI subsystem;
- BTRFS file system;
- SMB network file system;
- eXpress Data Path;
- Universal MIDI packet (UMP) support module;
- Tracing infrastructure;
- Memory management;
- IPv4 networking;
- IPv6 networking;
- Netwo
OSV
linux, linux-gcp, linux-raspi, linux-realtime vulnerabilities
osv·2025-07-17·CVSS 7.8
[HIGH] linux, linux-gcp, linux-raspi, linux-realtime vulnerabilities
linux, linux-gcp, linux-raspi, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PA-RISC architecture;
- PowerPC architecture;
- S390 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Ublk userspace block driver;
- Bluetooth drivers;
- ARM SCMI message protocol;
- GPU drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Network drivers;
- PCI subsystem;
- PTP clock framework;
- SPI subsystem;
- BTRFS file system;
- SMB network file system;
- eXpress Data Path;
- Universal MIDI packet (UMP) support module;
- Tracing infrastructure;
- Memory management;
- IPv4 netwo
OSV
linux-oem-6.14 vulnerabilities
osv·2025-07-17·CVSS 7.8
[HIGH] linux-oem-6.14 vulnerabilities
linux-oem-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PA-RISC architecture;
- PowerPC architecture;
- S390 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Ublk userspace block driver;
- ARM SCMI message protocol;
- GPU drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Network drivers;
- PCI subsystem;
- PTP clock framework;
- SPI subsystem;
- BTRFS file system;
- SMB network file system;
- eXpress Data Path;
- Universal MIDI packet (UMP) support module;
- Tracing infrastructure;
- Memory management;
- IPv4 networking;
- IPv6 networking;
- Network traffic control;
GHSA
GHSA-3rcg-456g-86p6: In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in session logoff
The sess->user object can currently
ghsa_unreviewed·2025-05-20
CVE-2025-37899 [HIGH] CWE-416 GHSA-3rcg-456g-86p6: In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in session logoff
The sess->user object can currently
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in session logoff
The sess->user object can currently be in use by another thread, for
example if another connection has sent a session setup request to
bind to the session being free'd. The handler for that connection could
be in the smb2_sess_setup function which makes use of sess->user.
OSV
CVE-2025-37899: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be
osv·2025-05-20·CVSS 7.8
CVE-2025-37899 [HIGH] CVE-2025-37899: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being free'd. The handler for that connection could be in the smb2_sess_setup function which makes use of sess->user.
VulnCheck
Linux Kernel 'sess->user' Object Use‑After‑Free Vulnerability
vulncheck·2025·CVSS 7.8
CVE-2025-37899 [HIGH] Linux Kernel 'sess->user' Object Use‑After‑Free Vulnerability
Linux Kernel 'sess->user' Object Use‑After‑Free Vulnerability
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in session logoff
The sess->user object can currently be in use by another thread, for
example if another connection has sent a session setup request to
bind to the session being free'd. The handler for that connection could
be in the smb2_sess_setup function which makes use of sess->user.
Affected: Linux Kernel
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.enisa.europa.eu/sites/default/files/2025-10/ENISA%20Threat%20Landscape%202025.pdf
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2026-03-25·CVSS 3.2
CVE-2025-40068 [LOW] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2026-03-25
CVE-2025-40245 Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
-
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities
vendor_ubuntu·2026-03-24·CVSS 5.5
CVE-2025-22037 [MEDIUM] Linux kernel (Azure FIPS) vulnerabilities
Title: Linux kernel (Azure FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtua
Ubuntu
Linux kernel (NVIDIA) vulnerabilities
vendor_ubuntu·2026-03-10·CVSS 5.5
CVE-2025-37899 [MEDIUM] Linux kernel (NVIDIA) vulnerabilities
Title: Linux kernel (NVIDIA) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
l
Ubuntu
Linux kernel (AWS FIPS) vulnerabilities
vendor_ubuntu·2026-03-04·CVSS 5.5
CVE-2025-22037 [MEDIUM] Linux kernel (AWS FIPS) vulnerabilities
Title: Linux kernel (AWS FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-02-26·CVSS 5.5
CVE-2025-37899 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powe
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2026-02-25·CVSS 5.5
CVE-2025-37899 [MEDIUM] Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
lin
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2026-02-25·CVSS 5.5
CVE-2025-37899 [MEDIUM] Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-02-25·CVSS 5.5
CVE-2025-22037 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powe
Ubuntu
Linux kernel (Raspberry Pi Real-time) vulnerabilities
vendor_ubuntu·2026-02-24·CVSS 5.5
CVE-2025-22037 [MEDIUM] Linux kernel (Raspberry Pi Real-time) vulnerabilities
Title: Linux kernel (Raspberry Pi Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE,
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-08-28·CVSS 7.8
CVE-2025-37895 [HIGH] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PA-RISC architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Ublk userspace block driver;
- Bluetooth drivers;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- IIO ADC drivers;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- N
Ubuntu
Linux kernel (AWS) vulnerabilities
vendor_ubuntu·2025-07-24·CVSS 7.8
CVE-2025-37933 [HIGH] Linux kernel (AWS) vulnerabilities
Title: Linux kernel (AWS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PA-RISC architecture;
- PowerPC architecture;
- S390 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Ublk userspace block driver;
- Bluetooth drivers;
- ARM SCMI message protocol;
- GPU drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Network drivers;
- PCI subsystem;
- PTP clock framework;
- SPI subsystem;
- BTRFS file system;
- SMB network file system;
- eXpress Data Path;
- Universal MIDI packet (UMP) support module;
- Tracing inf
Ubuntu
Linux kernel (AWS) vulnerabilities
vendor_ubuntu·2025-07-22·CVSS 7.8
CVE-2025-37946 [HIGH] Linux kernel (AWS) vulnerabilities
Title: Linux kernel (AWS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PA-RISC architecture;
- PowerPC architecture;
- S390 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Ublk userspace block driver;
- Bluetooth drivers;
- ARM SCMI message protocol;
- GPU drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Network drivers;
- PCI subsystem;
- PTP clock framework;
- SPI subsystem;
- BTRFS file system;
- SMB network file system;
- eXpress Data Path;
- Universal MIDI packet (UMP) support module;
- Tracing inf
Ubuntu
Linux kernel (Oracle) vulnerabilities
vendor_ubuntu·2025-07-22·CVSS 7.8
CVE-2025-37900 [HIGH] Linux kernel (Oracle) vulnerabilities
Title: Linux kernel (Oracle) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PA-RISC architecture;
- PowerPC architecture;
- S390 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Ublk userspace block driver;
- Bluetooth drivers;
- ARM SCMI message protocol;
- GPU drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Network drivers;
- PCI subsystem;
- PTP clock framework;
- SPI subsystem;
- BTRFS file system;
- SMB network file system;
- eXpress Data Path;
- Universal MIDI packet (UMP) support module;
- Tracing
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-07-17·CVSS 7.8
CVE-2025-37933 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PA-RISC architecture;
- PowerPC architecture;
- S390 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Ublk userspace block driver;
- Bluetooth drivers;
- ARM SCMI message protocol;
- GPU drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Network drivers;
- PCI subsystem;
- PTP clock framework;
- SPI subsystem;
- BTRFS file system;
- SMB network file system;
- eXpress Data Path;
- Universal MIDI packet (UMP) support module;
- Tracing infrastru
Ubuntu
Linux kernel (OEM) vulnerabilities
vendor_ubuntu·2025-07-17·CVSS 7.8
CVE-2025-37933 [HIGH] Linux kernel (OEM) vulnerabilities
Title: Linux kernel (OEM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PA-RISC architecture;
- PowerPC architecture;
- S390 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Ublk userspace block driver;
- ARM SCMI message protocol;
- GPU drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Network drivers;
- PCI subsystem;
- PTP clock framework;
- SPI subsystem;
- BTRFS file system;
- SMB network file system;
- eXpress Data Path;
- Universal MIDI packet (UMP) support module;
- Tracing infrastructure;
- Memory
Red Hat
kernel: ksmbd: fix use-after-free in session logoff
vendor_redhat·2025-05-20·CVSS 7.8
CVE-2025-37899 [HIGH] CWE-416 kernel: ksmbd: fix use-after-free in session logoff
kernel: ksmbd: fix use-after-free in session logoff
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in session logoff
The sess->user object can currently be in use by another thread, for
example if another connection has sent a session setup request to
bind to the session being free'd. The handler for that connection could
be in the smb2_sess_setup function which makes use of sess->user.
Package: kernel (Red Hat Enterprise Linux 10) - Not affected
Package: kernel (Red Hat Enterprise Linux 6) - Not affected
Package: kernel (Red Hat Enterprise Linux 7) - Not affected
Package: kernel-rt (Red Hat Enterprise Linux 7) - Not affected
Package: kernel (Red Hat Enterprise Linux 8) - Not affected
Package: kernel-rt (Red Hat Enterprise Linux 8) - No
Microsoft
ksmbd: fix use-after-free in session logoff
vendor_msrc·2025-05-13·CVSS 4.7
CVE-2025-37899 [HIGH] ksmbd: fix use-after-free in session logoff
ksmbd: fix use-after-free in session logoff
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
Linux: Linux
Customer Action Required: Yes
Debian
CVE-2025-37899: linux - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix ...
vendor_debian·2025·CVSS 7.8
CVE-2025-37899 [HIGH] CVE-2025-37899: linux - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix ...
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being free'd. The handler for that connection could be in the smb2_sess_setup function which makes use of sess->user.
Scope: local
bookworm: resolved (fixed in 6.1.159-1)
bullseye: resolved
forky: resolved (fixed in 6.12.29-1)
sid: resolved (fixed in 6.12.29-1)
trixie: resolved (fixed in 6.12.29-1)
No detection rules found.
No public exploits indexed.
Huntress
The Evolving Linux Threat Landscape
blogs_huntress·2026-03-03
The Evolving Linux Threat Landscape
## Introduction
Linux is the backbone of the enterprise, supporting critical applications, web servers, cloud infrastructure, hypervisors, containers, CI/CD pipelines, and more. This makes it a high-value target for attackers. However, Linux kind of flies under the radar as an operating system.
The trends in the wild suggest 2026 is going to be an interesting year for Linux security. So, how do we see the Linux threat landscape evolving?
## Key takeaways
It might not get all the press attention, but threats to Linux endpoints are real, as Linux powers much of the Internet and digital business infrastructure.
Threats against Linux are evolving into cross-ecosystem attacks, making it harder for defenders.
Linux needs the same level of security as Windows and macOS endpoints to protect
Huntress
AI: Friend or Faux in Cybersecurity? Huntress Tradecraft Tuesday
blogs_huntress·2025-06-30
AI: Friend or Faux in Cybersecurity? Huntress Tradecraft Tuesday
As generative AI continues to rapidly evolve, security professionals keep coming back to the same question: Is AI good or bad for cybersecurity?
The answer isn’t that simple.
Generative AI models came with promises of major threat detection improvements and other benefits for security teams, like assisting in threat modeling, providing context around signals, and more. However, AI is also helping threat actors make their scams seem more legitimate and churn out phishing emails at a faster pace.
And then there are the other, more unexpected impacts of AI advancements.
Earlier this year, for instance, researchers identified malicious machine learning models on the Hugging Face AI development platform that were using a broken Python Pickle serialization format to evade detection.
And in
Huntress
The Evolving Linux Threat Landscape | Huntress
blogs_huntress
The Evolving Linux Threat Landscape | Huntress
## Introduction
Linux is the backbone of the enterprise, supporting critical applications, web servers, cloud infrastructure, hypervisors, containers, CI/CD pipelines, and more. This makes it a high-value target for attackers. However, Linux kind of flies under the radar as an operating system.
The trends in the wild suggest 2026 is going to be an interesting year for Linux security. So, how do we see the Linux threat landscape evolving?
## Key takeaways
- It might not get all the press attention, but threats to Linux endpoints are real, as Linux powers much of the Internet and digital business infrastructure.
- Threats against Linux are evolving into cross-ecosystem attacks, making it harder for defenders.
- Linux needs the same level of security as Windows and macOS endpoints to prot
Huntress
AI: Friend or Faux in Cybersecurity? Huntress Tradecraft Tuesday | Huntress
blogs_huntress
AI: Friend or Faux in Cybersecurity? Huntress Tradecraft Tuesday | Huntress
As generative AI continues to rapidly evolve, security professionals keep coming back to the same question: Is AI good or bad for cybersecurity?
The answer isn’t that simple.
Generative AI models came with promises of major threat detection improvements and other benefits for security teams, like assisting in threat modeling, providing context around signals, and more. However, AI is also helping threat actors make their scams seem more legitimate and churn out phishing emails at a faster pace.
And then there are the other, more unexpected impacts of AI advancements.
Earlier this year, for instance, researchers identified malicious machine learning models on the Hugging Face AI development platform that were using a broken Python Pickle serialization format to evade detection.
And in
Bugzilla
CVE-2025-37899 kernel: ksmbd: fix use-after-free in session logoff
bugzilla·2025-05-20·CVSS 7.8
CVE-2025-37899 [HIGH] CVE-2025-37899 kernel: ksmbd: fix use-after-free in session logoff
CVE-2025-37899 kernel: ksmbd: fix use-after-free in session logoff
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in session logoff
The sess->user object can currently be in use by another thread, for
example if another connection has sent a session setup request to
bind to the session being free'd. The handler for that connection could
be in the smb2_sess_setup function which makes use of sess->user.
Discussion:
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025052055-CVE-2025-37899-7366@gregkh/T
arXiv
On the Surprising Efficacy of LLMs for Penetration-Testing
arxiv_fulltext·2025-07-01
On the Surprising Efficacy of LLMs for Penetration-Testing
On the Surprising Efficacy of LLMs for Penetration-Testing
Andreas Happe
[email protected]
0009-0000-2484-0109
TU Wien
Vienna
Austria
Jürgen Cito
[email protected]
0000-0001-8619-1271
TU Wien
Vienna
Austria
## Abstract
This paper presents a critical examination of the surprising efficacy of Large Language Models (LLMs) in penetration testing. The paper thoroughly reviews the evolution of LLMs and their rapidly expanding capabilities which render them increasingly suitable for complex penetration testing operations. It systematically details the historical adoption of LLMs in both academic research and industry, showcasing their application across various offensive security tasks and covering broader phases of the cyber kill chain. Crucially, the analysis also extends
https://git.kernel.org/stable/c/02d16046cd11a5c037b28c12ffb818c56dd3ef43https://git.kernel.org/stable/c/2fc9feff45d92a92cd5f96487655d5be23fb7e2bhttps://git.kernel.org/stable/c/70ad6455139e26e85f48f95d0e21f351c1909342https://git.kernel.org/stable/c/931dc8a3670f71c45c0b1379ea4e92dafbda1acahttps://git.kernel.org/stable/c/d5ec1d79509b3ee01de02c236f096bc050221b7fhttps://news.ycombinator.com/item?id=44081338https://sean.heelan.io/2025/05/22/how-i-used-o3-to-find-cve-2025-37899-a-remote-zeroday-vulnerability-in-the-linux-kernels-smb-implementation/
2025-05-20
Published
Exploited in the wild