-

CVE-2025-38575

EPSS 0.06%
Veröffentlicht 18.04.2025 07:01:33
Zuletzt bearbeitet 03.11.2025 20:18:46
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: use aead_request_free to match aead_request_alloc

Use aead_request_free() instead of kfree() to properly free memory
allocated by aead_request_alloc(). This ensures sensitive crypto data
is zeroed before being freed.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 571b342d4688801fc1f6a1934389dac09425dc93

Version e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9

Status affected

Version < a6b594868268c3a7bfaeced912525cd2c445529a

Version e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9

Status affected

Version < 1de7fec4d3012672e31eeb6679ea60f7ca010ef9

Version e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9

Status affected

Version < 3e341dbd5f5a6e5a558e67da80731dc38a7f758c

Version e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9

Status affected

Version < aef10ccd74512c52e30c5ee19d0031850973e78d

Version e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9

Status affected

Version < 46caeae23035192b9cc41872c827f30d0233f16e

Version e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9

Status affected

Version < 6171063e9d046ffa46f51579b2ca4a43caef581a

Version e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.15

Status affected

Version < 5.15

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.180

Status unaffected

Version <= 6.1.*

Version 6.1.134

Status unaffected

Version <= 6.6.*

Version 6.6.87

Status unaffected

Version <= 6.12.*

Version 6.12.23

Status unaffected

Version <= 6.13.*

Version 6.13.11

Status unaffected

Version <= 6.14.*

Version 6.14.2

Status unaffected

Version <= *

Version 6.15

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.2

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/571b342d4688801fc1f6a1934389dac09425dc93

https://git.kernel.org/stable/c/a6b594868268c3a7bfaeced912525cd2c445529a

https://git.kernel.org/stable/c/1de7fec4d3012672e31eeb6679ea60f7ca010ef9

https://git.kernel.org/stable/c/3e341dbd5f5a6e5a558e67da80731dc38a7f758c

https://git.kernel.org/stable/c/aef10ccd74512c52e30c5ee19d0031850973e78d

https://git.kernel.org/stable/c/46caeae23035192b9cc41872c827f30d0233f16e

https://git.kernel.org/stable/c/6171063e9d046ffa46f51579b2ca4a43caef581a

https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

https://nvd.nist.gov/vuln/detail/CVE-2025-38575

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38575

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38575

EUVD