CVE-2025-37926
- Source
- https://cve.org/CVERecord?id=CVE-2025-37926
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37926.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-37926
- Downstream
- Published
- 2025-05-20T15:21:53.359Z
- Modified
- 2026-05-15T11:53:59.924182655Z
- Summary
- ksmbd: fix use-after-free in ksmbd_session_rpc_open
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in ksmbdsessionrpc_open
A UAF issue can occur due to a race condition between ksmbdsessionrpc_open() and _sessionrpcclose(). Add rpclock to the session to protect it.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37926.json" }- References
-
- https://git.kernel.org/stable/c/1067361a1cc6ad9cdf7acfc47f90012b72ad1502
- https://git.kernel.org/stable/c/6323fec65fe54b365961fed260dd579191e46121
- https://git.kernel.org/stable/c/8fb3b6c85b7e3127161623586b62abcc366caa20
- https://git.kernel.org/stable/c/a1f46c99d9ea411f9bf30025b912d881d36fc709
- https://git.kernel.org/stable/c/a4348710a7267705b75692dc1a000920481d1d92
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37926.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-37926
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git