Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-22040
PUBLISHED
More InfoOfficial Page
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
View Known Exploited Vulnerability (KEV) details
Published At-16 Apr, 2025 | 14:11
Updated At-26 May, 2025 | 05:17
Rejected At-
▼CVE Numbering Authority (CNA)
ksmbd: fix session use-after-free in multichannel connection

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbd_sessions_deregister. The session can be freed before the connection is added to channel list of session. This patch check reference count of session before freeing it.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • fs/smb/server/auth.c
  • fs/smb/server/mgmt/user_session.c
  • fs/smb/server/smb2pdu.c
Default Status
unaffected
Versions
Affected
  • From 0626e6641f6b467447c81dd7678a69c66f7746cf before 596407adb9af1ee75fe7c7529607783d31b66e7f (git)
  • From 0626e6641f6b467447c81dd7678a69c66f7746cf before 3980770cb1470054e6400fd97668665975726737 (git)
  • From 0626e6641f6b467447c81dd7678a69c66f7746cf before 9069939d762138e232a6f79e3e1462682ed6a17d (git)
  • From 0626e6641f6b467447c81dd7678a69c66f7746cf before 94c281721d4ed2d972232414b91d98a6f5bdb16b (git)
  • From 0626e6641f6b467447c81dd7678a69c66f7746cf before 7dfbd4c43eed91dd2548a95236908025707a8dfd (git)
  • From 0626e6641f6b467447c81dd7678a69c66f7746cf before fa4cdb8cbca7d6cb6aa13e4d8d83d1103f6345db (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • fs/smb/server/auth.c
  • fs/smb/server/mgmt/user_session.c
  • fs/smb/server/smb2pdu.c
Default Status
affected
Versions
Affected
  • 5.15
Unaffected
  • From 0 before 5.15 (semver)
  • From 6.1.134 through 6.1.* (semver)
  • From 6.6.87 through 6.6.* (semver)
  • From 6.12.23 through 6.12.* (semver)
  • From 6.13.11 through 6.13.* (semver)
  • From 6.14.2 through 6.14.* (semver)
  • From 6.15 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/596407adb9af1ee75fe7c7529607783d31b66e7f
N/A
https://git.kernel.org/stable/c/3980770cb1470054e6400fd97668665975726737
N/A
https://git.kernel.org/stable/c/9069939d762138e232a6f79e3e1462682ed6a17d
N/A
https://git.kernel.org/stable/c/94c281721d4ed2d972232414b91d98a6f5bdb16b
N/A
https://git.kernel.org/stable/c/7dfbd4c43eed91dd2548a95236908025707a8dfd
N/A
https://git.kernel.org/stable/c/fa4cdb8cbca7d6cb6aa13e4d8d83d1103f6345db
N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-416CWE-416 Use After Free
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found