CVE-2025-37952

EPSS 0.02%
Veröffentlicht 20.05.2025 16:15:33
Zuletzt bearbeitet 17.11.2025 12:57:06
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: Fix UAF in __close_file_table_ids

A use-after-free is possible if one thread destroys the file
via __ksmbd_close_fd while another thread holds a reference to
it. The existing checks on fp->refcount are not sufficient to
prevent this.

The fix takes ft->lock around the section which removes the
file from the file table. This prevents two threads acquiring the
same file pointer via __close_file_table_ids, as well as the other
functions which retrieve a file from the IDR and which already use
this same lock.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.15 < 6.6.91

Linux ≫ Linux Kernel Version >= 6.7 < 6.12.29

Linux ≫ Linux Kernel Version >= 6.13 < 6.14.7

Linux ≫ Linux Kernel Version6.15 Updaterc1

Linux ≫ Linux Kernel Version6.15 Updaterc2

Linux ≫ Linux Kernel Version6.15 Updaterc3

Linux ≫ Linux Kernel Version6.15 Updaterc4

Linux ≫ Linux Kernel Version6.15 Updaterc5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.038

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/16727e442568a46d9cca69fe2595896de86e120d

Patch

https://git.kernel.org/stable/c/36991c1ccde2d5a521577c448ffe07fcccfe104d

Patch

https://git.kernel.org/stable/c/9e9841e232b51171ddf3bc4ee517d5d28dc8cad6

Patch

https://git.kernel.org/stable/c/fec1f9e9a650e8e7011330a085c77e7bf2a08ea9

Patch

https://nvd.nist.gov/vuln/detail/CVE-2025-37952

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-37952

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-37952

EUVD