CVE-2025-37956

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-37956
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37956.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-37956
Downstream
Related
Published
2025-05-20T16:01:49.865Z
Modified
2025-11-27T19:34:01.188183Z
Summary
ksmbd: prevent rename with empty string
Details

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: prevent rename with empty string

Client can send empty newname string to ksmbd server. It will cause a kernel oops from d_alloc. This patch return the error when attempting to rename a file or directory with an empty new name string.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/ee626f5d79d5817bb21d6f048dc0da4c4e383443/cves/2025/37xxx/CVE-2025-37956.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0626e6641f6b467447c81dd7678a69c66f7746cf
Fixed
6ee551672c8cf36108b0cfba92ec0c7c28ac3439
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0626e6641f6b467447c81dd7678a69c66f7746cf
Fixed
c57301e332cc413fe0a7294a90725f4e21e9549d
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0626e6641f6b467447c81dd7678a69c66f7746cf
Fixed
d7f2c00acb1ef64304fd40ac507e9213ff1d9b5c
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0626e6641f6b467447c81dd7678a69c66f7746cf
Fixed
53e3e5babc0963a92d856a5ec0ce92c59f54bc12

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.0
Fixed
6.6.91
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.29
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.14.7