PT-2025-18431 · Linux+8 · Linux Kernel+8

Published

2025-04-09

·

Updated

2026-04-20

·

CVE-2025-37750

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version
Description A use-after-free vulnerability has been identified in the Linux kernel's SMB client, specifically in the decryption process with multichannel. This issue arises when multiple cifsd threads access the AEAD TFM simultaneously, leading to a potential crash or code execution. The vulnerability was discovered when running fstest generic/249 with specific settings against Windows Server 2022, resulting in a KASAN splat.
Recommendations As a temporary workaround, consider disabling the multichannel feature in the SMB client until a patch is available. Restrict access to the vulnerable SMB client to minimize the risk of exploitation. Update to a newer version of the Linux kernel that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025:9080
AZL-69737
BDU:2026-06018
CVE-2025-37750
ECHO-BD07-A12E-B533
INFSA-2025_9080
RHSA-2025:9079
RHSA-2025:9080
RHSA-2025:9393
RHSA-2025_9080
SUSE-SU-2025:01919-1
SUSE-SU-2025:01951-1
SUSE-SU-2025:01964-1
SUSE-SU-2025:01965-1
SUSE-SU-2025:01967-1
SUSE-SU-2025:01972-1
SUSE-SU-2025:02000-1
SUSE-SU-2025:20408-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20419-1
SUSE-SU-2025:20421-1
SUSE-SU-2025_01951-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01965-1
SUSE-SU-2025_01967-1
SUSE-SU-2025_01972-1
SUSE-SU-2025_02000-1
USN-7594-1
USN-7594-2
USN-7594-3
USN-7651-1
USN-7651-2
USN-7651-3
USN-7651-4
USN-7651-5
USN-7651-6
USN-7652-1
USN-7653-1
USN-7737-1

Affected Products

Almalinux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu