Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-3x67-44wh-mrgf

Опубликовано: 20 мая 2025
Источник: github
Github: Не прошло ревью

Описание

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix use-after-free in kerberos authentication

Setting sess->user = NULL was introduced to fix the dangling pointer created by ksmbd_free_user. However, it is possible another thread could be operating on the session and make use of sess->user after it has been passed to ksmbd_free_user but before sess->user is set to NULL.

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix use-after-free in kerberos authentication

Setting sess->user = NULL was introduced to fix the dangling pointer created by ksmbd_free_user. However, it is possible another thread could be operating on the session and make use of sess->user after it has been passed to ksmbd_free_user but before sess->user is set to NULL.

Ссылки

EPSS

Процентиль: 42%
0.00197
Низкий

CVE ID

CVE-2025-37924

Связанные уязвимости

ubuntu логотип

CVE-2025-37924

ubuntu
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in kerberos authentication Setting sess->user = NULL was introduced to fix the dangling pointer created by ksmbd_free_user. However, it is possible another thread could be operating on the session and make use of sess->user after it has been passed to ksmbd_free_user but before sess->user is set to NULL.

redhat логотип

CVE-2025-37924

CVSS3: 5.5
redhat
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in kerberos authentication Setting sess->user = NULL was introduced to fix the dangling pointer created by ksmbd_free_user. However, it is possible another thread could be operating on the session and make use of sess->user after it has been passed to ksmbd_free_user but before sess->user is set to NULL.

nvd логотип

CVE-2025-37924

nvd
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in kerberos authentication Setting sess->user = NULL was introduced to fix the dangling pointer created by ksmbd_free_user. However, it is possible another thread could be operating on the session and make use of sess->user after it has been passed to ksmbd_free_user but before sess->user is set to NULL.

msrc логотип

CVE-2025-37924

CVSS3: 5.5
msrc
4 месяца назад

ksmbd: fix use-after-free in kerberos authentication

debian логотип

CVE-2025-37924

debian
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: k ...

EPSS

Процентиль: 42%
0.00197
Низкий

CVE ID

CVE-2025-37924