CVE-2025-38437

Published: Jul 25, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potential use-after-free in oplock/lease break ack If ksmbd_iov_pin_rsp return error, use-after-free can happen by accessing opinfo->state and opinfo_put and ksmbd_fd_put could called twice.

Vendor	Product	Versions
Linux	Linux	affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < e38ec88a2b42c494601b1213816d75f0b54d9bf0` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 97c355989928a5f60b228ef5266c1be67a46cdf9` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 815f1161d6dbc4c54ccf94b7d3fdeab34b4d7477` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 8106adc21a2270c16abf69cd74ccd7c79c6e7acd` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 50f930db22365738d9387c974416f38a06e8057e`
Linux	Linux	affected `5.15` unaffected `0 - < 5.15` unaffected `6.1.146 - <= 6.1.` unaffected `6.6.99 - <= 6.6.` unaffected `6.12.39 - <= 6.12.*` +2 more versions

References

https://git.kernel.org/stable/c/e38ec88a2b42c494601b1213816d75f0b54d9bf0

https://git.kernel.org/stable/c/97c355989928a5f60b228ef5266c1be67a46cdf9

https://git.kernel.org/stable/c/815f1161d6dbc4c54ccf94b7d3fdeab34b4d7477

https://git.kernel.org/stable/c/8106adc21a2270c16abf69cd74ccd7c79c6e7acd

https://git.kernel.org/stable/c/50f930db22365738d9387c974416f38a06e8057e

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-38437

Description

Affected Products

References