| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025081907-CVE-2025-38561-0f75@gregkh> Date: Tue, 19 Aug 2025 19:18:08 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-38561: ksmbd: fix Preauh_HashValue race condition From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. There is no need to free sess->Preauh_HashValue at session setup phase. It can be freed together with session at connection termination phase. The Linux kernel CVE team has assigned CVE-2025-38561 to this issue. Affected and fixed versions =========================== Fixed in 6.1.148 with commit fbf5c0845ed15122a770bca9be1d9b60b470d3aa Fixed in 6.6.102 with commit b69fd87076daa66f3d186bd421a7b0ee0cb45829 Fixed in 6.12.42 with commit edeecc7871e8fc0878d53ce286c75040a0e38f6c Fixed in 6.15.10 with commit 7d7c0c5304c88bcbd7a85e9bcd61d27e998ba5fc Fixed in 6.16.1 with commit 6613887da1d18dd2ecfd6c6148a873c4d903ebdc Fixed in 6.17-rc1 with commit 44a3059c4c8cc635a1fb2afd692d0730ca1ba4b6 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-38561 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/smb/server/smb2pdu.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/fbf5c0845ed15122a770bca9be1d9b60b470d3aa https://git.kernel.org/stable/c/b69fd87076daa66f3d186bd421a7b0ee0cb45829 https://git.kernel.org/stable/c/edeecc7871e8fc0878d53ce286c75040a0e38f6c https://git.kernel.org/stable/c/7d7c0c5304c88bcbd7a85e9bcd61d27e998ba5fc https://git.kernel.org/stable/c/6613887da1d18dd2ecfd6c6148a873c4d903ebdc https://git.kernel.org/stable/c/44a3059c4c8cc635a1fb2afd692d0730ca1ba4b6
Powered by blists - more mailing lists