CVE-2025-38561
published 2025-08-19CVE-2025-38561: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests…
medium4.7CVSS 3.1
AVLACHPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix Preauh_HashValue race condition
If client send multiple session setup requests to ksmbd,
Preauh_HashValue race condition could happen.
There is no need to free sess->Preauh_HashValue at session setup phase.
It can be freed together with session at connection termination phase.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.148-1 (bookworm) | linux 6.1.148-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.148-1 (bookworm) | linux 6.1.148-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= 0626e6641f6b467447c81dd7678a69c66f7746cf < fbf5c0845ed15122a770bca9be1d9b60b470d3aa | fbf5c0845ed15122a770bca9be1d9b60b470d3aa |
| linux | linux | >= 0626e6641f6b467447c81dd7678a69c66f7746cf < b69fd87076daa66f3d186bd421a7b0ee0cb45829 | b69fd87076daa66f3d186bd421a7b0ee0cb45829 |
| linux | linux | >= 0626e6641f6b467447c81dd7678a69c66f7746cf < edeecc7871e8fc0878d53ce286c75040a0e38f6c | edeecc7871e8fc0878d53ce286c75040a0e38f6c |
| linux | linux | >= 0626e6641f6b467447c81dd7678a69c66f7746cf < 7d7c0c5304c88bcbd7a85e9bcd61d27e998ba5fc | 7d7c0c5304c88bcbd7a85e9bcd61d27e998ba5fc |
| linux | linux | >= 0626e6641f6b467447c81dd7678a69c66f7746cf < 6613887da1d18dd2ecfd6c6148a873c4d903ebdc | 6613887da1d18dd2ecfd6c6148a873c4d903ebdc |
| linux | linux | >= 0626e6641f6b467447c81dd7678a69c66f7746cf < 44a3059c4c8cc635a1fb2afd692d0730ca1ba4b6 | 44a3059c4c8cc635a1fb2afd692d0730ca1ba4b6 |
| linux | linux_kernel | >= 0 < 6.1.148-1 | 6.1.148-1 |
| linux | linux_kernel | >= 0 < 6.12.43-1 | 6.12.43-1 |
| linux | linux_kernel | >= 0 < 6.16.3-1 | 6.16.3-1 |
| linux | linux_kernel | >= 0 < 5.15.0-168.178 | 5.15.0-168.178 |
| linux | linux_kernel | >= 0 < 6.8.0-94.96 | 6.8.0-94.96 |
| linux | linux_kernel | >= 5.15 < 6.1.148 | 6.1.148 |
| linux | linux_kernel | >= 6.13 < 6.15.10 | 6.15.10 |
| linux | linux_kernel | >= 6.16 < 6.16.1 | 6.16.1 |
| linux | linux_kernel | >= 6.2 < 6.6.102 | 6.6.102 |
| linux | linux_kernel | >= 6.7 < 6.12.42 | 6.12.42 |
| msrc | azl3_cni_1.1.2-2_on_azure_linux_3.0 | — | — |
| msrc | azl3_cni_1.1.2-4_on_azure_linux_3.0 | — | — |
| msrc | azl3_containernetworking-plugins_1.6.1-4_on_azure_linux_3.0 | — | — |
| msrc | azl3_keda_2.14.0-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_keda_2.4.0-15_on_azure_linux_3.0 | — | — |
CVSS provenance
nvdv3.14.7MEDIUMCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
osv4.7MEDIUM