CVE-2025-37899

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-37899
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37899.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-37899
Downstream
Published
2025-05-20T15:21:34.782Z
Modified
2026-05-28T03:52:40.396758282Z
Summary
ksmbd: fix use-after-free in session logoff
Details

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix use-after-free in session logoff

The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being free'd. The handler for that connection could be in the smb2sesssetup function which makes use of sess->user.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37899.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0626e6641f6b467447c81dd7678a69c66f7746cf
Fixed
931dc8a3670f71c45c0b1379ea4e92dafbda1aca
Fixed
70ad6455139e26e85f48f95d0e21f351c1909342
Fixed
d5ec1d79509b3ee01de02c236f096bc050221b7f
Fixed
02d16046cd11a5c037b28c12ffb818c56dd3ef43
Fixed
2fc9feff45d92a92cd5f96487655d5be23fb7e2b

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37899.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.0
Fixed
6.1.159
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.119
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.28
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.14.6

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37899.json"