fkie_nvd - fkie_cve-2025-37777

fkie_cve-2025-37777

Vulnerability from fkie_nvd

Published

2025-05-01 14:15

Modified

2025-08-01 09:15

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in __smb2_lease_break_noti() Move tcp_transport free to ksmbd_conn_free. If ksmbd connection is referenced when ksmbd server thread terminates, It will not be freed, but conn->tcp_transport is freed. __smb2_lease_break_noti can be performed asynchronously when the connection is disconnected. __smb2_lease_break_noti calls ksmbd_conn_write, which can cause use-after-free when conn->ksmbd_transport is already freed.

References

▶	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/1aec4d14cf81b7b3e7b69eb1cfa94144eed7138e
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/1da8bd9a10ecd718692732294d15fd801c0eabb5
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/21a4e47578d44c6b37c4fc4aba8ed7cc8dbb13de
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/e59796fc80603bcd8569d4d2e10b213c1918edb4

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix use-after-free in __smb2_lease_break_noti()\n\nMove tcp_transport free to ksmbd_conn_free. If ksmbd connection is\nreferenced when ksmbd server thread terminates, It will not be freed,\nbut conn-\u003etcp_transport is freed. __smb2_lease_break_noti can be performed\nasynchronously when the connection is disconnected. __smb2_lease_break_noti\ncalls ksmbd_conn_write, which can cause use-after-free\nwhen conn-\u003eksmbd_transport is already freed."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ksmbd: se corrige el error \"use-after-free\" en __smb2_lease_break_noti(). Se mueve tcp_transport libre a ksmbd_conn_free. Si se hace referencia a la conexi\u00f3n ksmbd al finalizar el subproceso del servidor ksmbd, no se liberar\u00e1, pero s\u00ed se liberar\u00e1 conn-\u0026gt;tcp_transport. __smb2_lease_break_noti puede ejecutarse asincr\u00f3nicamente cuando se desconecta la conexi\u00f3n. __smb2_lease_break_noti llama a ksmbd_conn_write, lo que puede causar un error \"use-after-free\" cuando conn-\u0026gt;ksmbd_transport ya est\u00e1 liberado."
    }
  ],
  "id": "CVE-2025-37777",
  "lastModified": "2025-08-01T09:15:31.173",
  "metrics": {},
  "published": "2025-05-01T14:15:41.493",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/1aec4d14cf81b7b3e7b69eb1cfa94144eed7138e"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/1da8bd9a10ecd718692732294d15fd801c0eabb5"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/21a4e47578d44c6b37c4fc4aba8ed7cc8dbb13de"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/e59796fc80603bcd8569d4d2e10b213c1918edb4"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

CVE-2025-37777 (GCVE-0-2025-37777)

Vulnerability from cvelistv5

Published

2025-05-01 13:07

Modified

2025-08-09 14:20

Severity ?

Summary

References

►

URL

Tags

	https://git.kernel.org/stable/c/1da8bd9a10ecd718692732294d15fd801c0eabb5
	https://git.kernel.org/stable/c/1aec4d14cf81b7b3e7b69eb1cfa94144eed7138e
	https://git.kernel.org/stable/c/e59796fc80603bcd8569d4d2e10b213c1918edb4
	https://git.kernel.org/stable/c/21a4e47578d44c6b37c4fc4aba8ed7cc8dbb13de

Impacted products

Vendor

Product

Version

►

Linux

Version: 0626e6641f6b467447c81dd7678a69c66f7746cf
Version: 0626e6641f6b467447c81dd7678a69c66f7746cf
Version: 0626e6641f6b467447c81dd7678a69c66f7746cf
Version: 0626e6641f6b467447c81dd7678a69c66f7746cf

Linux

Version: 5.15

Show details on NVD website