5.5

CVE-2025-38575

ksmbd: use aead_request_free to match aead_request_alloc

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: use aead_request_free to match aead_request_alloc

Use aead_request_free() instead of kfree() to properly free memory
allocated by aead_request_alloc(). This ensures sensitive crypto data
is zeroed before being freed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15 < 5.15.180
LinuxLinux Kernel Version >= 5.16 < 6.1.134
LinuxLinux Kernel Version >= 6.2 < 6.6.87
LinuxLinux Kernel Version >= 6.7 < 6.12.23
LinuxLinux Kernel Version >= 6.13 < 6.13.11
LinuxLinux Kernel Version >= 6.14 < 6.14.2
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.141
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/571b342d4688801fc1f6a1934389dac09425dc93
Patch
https://git.kernel.org/stable/c/a6b594868268c3a7bfaeced912525cd2c445529a
Patch
https://git.kernel.org/stable/c/1de7fec4d3012672e31eeb6679ea60f7ca010ef9
Patch
https://git.kernel.org/stable/c/3e341dbd5f5a6e5a558e67da80731dc38a7f758c
Patch
https://git.kernel.org/stable/c/aef10ccd74512c52e30c5ee19d0031850973e78d
Patch
https://git.kernel.org/stable/c/46caeae23035192b9cc41872c827f30d0233f16e
Patch
https://git.kernel.org/stable/c/6171063e9d046ffa46f51579b2ca4a43caef581a
Patch
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
Third Party Advisory
Mailing List