PT-2025-22161 · Linux+4 · Linux Kernel+4

Published 2025-04-21 · Updated 2026-03-25 · CVE-2025-37899

CVSS v2.0: 10 (High), AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 2025

Description

A use-after-free vulnerability exists in the ksmbd module of the Linux kernel's SMB implementation, specifically within the smb2_sess_setup function. The flaw occurs when handling concurrent session logoff requests: the sess->user object can be accessed by another thread while it is being freed, leading to the use-after-free condition. A remote attacker could trigger memory corruption and potentially gain kernel-level code execution. The vulnerability was discovered by a security researcher utilizing OpenAI's o3 model, which analyzed approximately 12,000 lines of code to identify the issue.

Recommendations

Update to a newer version of the Linux kernel that addresses this vulnerability. As a temporary workaround, consider disabling the ksmbd module if SMB functionality is not critical. Restrict access to the SMB service to minimize the attack surface.

Exploit · Fix · LPE · RCE · Use After Free

Weakness Enumeration

Related Identifiers

BDU:2025-06026
CVE-2025-37899
ECHO-1E9D-9C2B-8B11
USN-7649-1
USN-7649-2
USN-7650-1
USN-7665-1
USN-7665-2
USN-7721-1
USN-8059-1
USN-8059-2
USN-8059-3
USN-8059-4
USN-8059-5
USN-8059-6
USN-8059-7
USN-8059-8
USN-8059-9
USN-8125-1
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Ubuntu