CVE-2025-37899

Name of the Vulnerable Software and Affected Versions Linux kernel ksmbd module (affected versions not specified)

Description A use-after-free issue exists in the ksmbd module, which provides an in-kernel implementation of the SMB (Server Message Block) file server. The flaw is located in the smb2 sess setup() function within the fs/smb/server/smb2pdu.c module, specifically during the handling of the SMB logoff command. The sess->user object can be accessed by another thread if a session setup request is sent to bind to a session that is currently being freed. This memory safety error could allow a remote attacker to cause a denial of service (system crash) or potentially execute arbitrary code with kernel privileges, which could lead to root access.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.