CVE-2025-22038

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-22038
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-22038.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-22038
Downstream
Related
Published
2025-04-16T14:11:56.316Z
Modified
2025-11-28T02:35:45.980358Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
ksmbd: validate zero num_subauth before sub_auth is accessed
Details

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: validate zero numsubauth before subauth is accessed

Access psid->subauth[psid->numsubauth - 1] without checking if numsubauth is non-zero leads to an out-of-bounds read. This patch adds a validation step to ensure numsubauth != 0 before sub_auth is accessed.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/22xxx/CVE-2025-22038.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0626e6641f6b467447c81dd7678a69c66f7746cf
Fixed
3ac65de111c686c95316ade660f8ba7aea3cd3cc
Fixed
0e36a3e080d6d8bd7a34e089345d043da4ac8283
Fixed
56de7778a48560278c334077ace7b9ac4bfb2fd1
Fixed
68c6c3142bfcdb049839d40a9a59ebe8ea865002
Fixed
c8bfe1954a0b89e7b29b3a3e7f4c5e0ebd295e20
Fixed
bf21e29d78cd2c2371023953d9c82dfef82ebb36

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.0
Fixed
6.1.134
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.87
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.23
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.13.11
Type
ECOSYSTEM
Events
Introduced
6.14.0
Fixed
6.14.2