| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025041818-CVE-2025-38575-2d0f@gregkh> Date: Fri, 18 Apr 2025 09:02:23 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-38575: ksmbd: use aead_request_free to match aead_request_alloc From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: ksmbd: use aead_request_free to match aead_request_alloc Use aead_request_free() instead of kfree() to properly free memory allocated by aead_request_alloc(). This ensures sensitive crypto data is zeroed before being freed. The Linux kernel CVE team has assigned CVE-2025-38575 to this issue. Affected and fixed versions =========================== Issue introduced in 5.15 with commit e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 and fixed in 5.15.180 with commit 571b342d4688801fc1f6a1934389dac09425dc93 Issue introduced in 5.15 with commit e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 and fixed in 6.1.134 with commit a6b594868268c3a7bfaeced912525cd2c445529a Issue introduced in 5.15 with commit e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 and fixed in 6.6.87 with commit 1de7fec4d3012672e31eeb6679ea60f7ca010ef9 Issue introduced in 5.15 with commit e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 and fixed in 6.12.23 with commit 3e341dbd5f5a6e5a558e67da80731dc38a7f758c Issue introduced in 5.15 with commit e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 and fixed in 6.13.11 with commit aef10ccd74512c52e30c5ee19d0031850973e78d Issue introduced in 5.15 with commit e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 and fixed in 6.14.2 with commit 46caeae23035192b9cc41872c827f30d0233f16e Issue introduced in 5.15 with commit e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 and fixed in 6.15-rc1 with commit 6171063e9d046ffa46f51579b2ca4a43caef581a Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-38575 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/smb/server/auth.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/571b342d4688801fc1f6a1934389dac09425dc93 https://git.kernel.org/stable/c/a6b594868268c3a7bfaeced912525cd2c445529a https://git.kernel.org/stable/c/1de7fec4d3012672e31eeb6679ea60f7ca010ef9 https://git.kernel.org/stable/c/3e341dbd5f5a6e5a558e67da80731dc38a7f758c https://git.kernel.org/stable/c/aef10ccd74512c52e30c5ee19d0031850973e78d https://git.kernel.org/stable/c/46caeae23035192b9cc41872c827f30d0233f16e https://git.kernel.org/stable/c/6171063e9d046ffa46f51579b2ca4a43caef581a
Powered by blists - more mailing lists