Back to search
CVE-2025-38562
Published: Aug 19, 2025
Modified: May 11, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference error in generate_encryptionkey If client send two session setups with krb5 authenticate to ksmbd, null pointer dereference error in generate_encryptionkey could happen. sess->Preauth_HashValue is set to NULL if session is valid. So this patch skip generate encryption key if session is valid.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 0626e6641f6b467447c81dd7678a69c66f7746cf - < 922f85e6e88fdea723a26854c3a6dcb4beb8d0b9affected 0626e6641f6b467447c81dd7678a69c66f7746cf - < 96a82e19434a2522525baab59c33332658bc7653affected 0626e6641f6b467447c81dd7678a69c66f7746cf - < d79c8bebaa622ee223128be7c66d8aaeeb634a57affected 0626e6641f6b467447c81dd7678a69c66f7746cf - < 2a30ed6428ce83afedca1a6c5c5c4247bcf12d0eaffected 0626e6641f6b467447c81dd7678a69c66f7746cf - < 015ef163d65496ae3ba6192c96140a22743f0353+2 more versions |
Linux | Linux | affected 5.15unaffected 0 - < 5.15unaffected 5.15.203 - <= 5.15.*unaffected 6.1.148 - <= 6.1.*unaffected 6.6.102 - <= 6.6.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now