CVE-2025-38575

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-38575
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38575.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38575
Downstream
Related
Published
2025-04-18T07:01:33.904Z
Modified
2026-03-09T23:54:34.185417Z
Summary
ksmbd: use aead_request_free to match aead_request_alloc
Details

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: use aeadrequestfree to match aeadrequestalloc

Use aeadrequestfree() instead of kfree() to properly free memory allocated by aeadrequestalloc(). This ensures sensitive crypto data is zeroed before being freed.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38575.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9
Fixed
571b342d4688801fc1f6a1934389dac09425dc93
Fixed
a6b594868268c3a7bfaeced912525cd2c445529a
Fixed
1de7fec4d3012672e31eeb6679ea60f7ca010ef9
Fixed
3e341dbd5f5a6e5a558e67da80731dc38a7f758c
Fixed
aef10ccd74512c52e30c5ee19d0031850973e78d
Fixed
46caeae23035192b9cc41872c827f30d0233f16e
Fixed
6171063e9d046ffa46f51579b2ca4a43caef581a

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38575.json"