CVE-2025-38431

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38431
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38431.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38431
Downstream
Published
2025-07-25T14:22:34Z
Modified
2025-10-18T03:53:52.464440Z
Summary
smb: client: fix regression with native SMB symlinks
Details

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix regression with native SMB symlinks

Some users and customers reported that their backup/copy tools started to fail when the directory being copied contained symlink targets that the client couldn't parse - even when those symlinks weren't followed.

Fix this by allowing lstat(2) and readlink(2) to succeed even when the client can't resolve the symlink target, restoring old behavior.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
12b466eb52d926802b6898d2cb7e67386467f54a
Fixed
6ddaf7567080c7de2e0c99efca2ee1e6b79beea5
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
12b466eb52d926802b6898d2cb7e67386467f54a
Fixed
ff8abbd248c1f52df0c321690b88454b13ff54b2

Affected versions

v6.*

v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.15.1
v6.15.2
v6.15.3
v6.15.4
v6.16-rc1
v6.16-rc2
v6.16-rc3

Database specific

vanir_signatures

[
    {
        "digest": {
            "line_hashes": [
                "162371644524792098640265567888297784619",
                "130734416983232160800692231302125343065",
                "254782156329356505459234934332953398428",
                "239123614816887810049095791541338195617",
                "39934624846458003206918310429478332103",
                "237523289699076467867380218460724651124",
                "312051064400369053162149737972150268090",
                "92521923661101962664792617606259198316",
                "195695934540888562241055055514873710771",
                "16563239707340212925899619463079297240",
                "279074387537809185870817133914175207098",
                "196769926218283672735641671647828224048",
                "291560322734202377104081119532252048528",
                "265323786465770398738688400541812690454",
                "39934624846458003206918310429478332103",
                "237523289699076467867380218460724651124",
                "312051064400369053162149737972150268090",
                "92521923661101962664792617606259198316",
                "199105109713045531584394031153466980899",
                "317485157204476399322654574792495532545",
                "2452491406126787114595964648116415216",
                "298494999117992911052270475694140744760",
                "142619512729141124907574016726962530498"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "fs/smb/client/reparse.c"
        },
        "deprecated": false,
        "id": "CVE-2025-38431-627d2383",
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ff8abbd248c1f52df0c321690b88454b13ff54b2"
    },
    {
        "digest": {
            "length": 2865.0,
            "function_hash": "82580409891326102262992649813057854790"
        },
        "target": {
            "file": "fs/smb/client/reparse.c",
            "function": "smb2_parse_native_symlink"
        },
        "deprecated": false,
        "id": "CVE-2025-38431-a0648701",
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6ddaf7567080c7de2e0c99efca2ee1e6b79beea5"
    },
    {
        "digest": {
            "line_hashes": [
                "162371644524792098640265567888297784619",
                "130734416983232160800692231302125343065",
                "254782156329356505459234934332953398428",
                "239123614816887810049095791541338195617",
                "39934624846458003206918310429478332103",
                "237523289699076467867380218460724651124",
                "312051064400369053162149737972150268090",
                "92521923661101962664792617606259198316",
                "195695934540888562241055055514873710771",
                "16563239707340212925899619463079297240",
                "279074387537809185870817133914175207098",
                "196769926218283672735641671647828224048",
                "291560322734202377104081119532252048528",
                "265323786465770398738688400541812690454",
                "39934624846458003206918310429478332103",
                "237523289699076467867380218460724651124",
                "312051064400369053162149737972150268090",
                "92521923661101962664792617606259198316",
                "199105109713045531584394031153466980899",
                "317485157204476399322654574792495532545",
                "2452491406126787114595964648116415216",
                "298494999117992911052270475694140744760",
                "142619512729141124907574016726962530498"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "fs/smb/client/reparse.c"
        },
        "deprecated": false,
        "id": "CVE-2025-38431-b81cb4d3",
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6ddaf7567080c7de2e0c99efca2ee1e6b79beea5"
    },
    {
        "digest": {
            "length": 2865.0,
            "function_hash": "82580409891326102262992649813057854790"
        },
        "target": {
            "file": "fs/smb/client/reparse.c",
            "function": "smb2_parse_native_symlink"
        },
        "deprecated": false,
        "id": "CVE-2025-38431-d7c0a12d",
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ff8abbd248c1f52df0c321690b88454b13ff54b2"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.14.0
Fixed
6.15.5