In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix null pointer dereference in alloc_preauth_hash()

The Client send malformed smb2 negotiate request. ksmbd return error
response. Subsequently, the client can send smb2 session setup even
thought conn->preauth_info is not allocated.
This patch add KSMBD_SESS_NEED_SETUP status of connection to ignore
session setup request if smb2 negotiate phase is not complete.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 19 Sep 2025 15:00:00 +0000


Sat, 09 Aug 2025 14:45:00 +0000

Type Values Removed Values Added
References

Sat, 17 May 2025 06:45:00 +0000

Type Values Removed Values Added
Metrics threat_severity

Low

threat_severity

Moderate


Tue, 29 Apr 2025 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Weaknesses CWE-476
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel

Sat, 19 Apr 2025 02:00:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low


Wed, 16 Apr 2025 14:30:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in alloc_preauth_hash() The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn->preauth_info is not allocated. This patch add KSMBD_SESS_NEED_SETUP status of connection to ignore session setup request if smb2 negotiate phase is not complete.
Title ksmbd: fix null pointer dereference in alloc_preauth_hash()
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2025-09-19T14:53:58.094Z

Reserved: 2024-12-29T08:45:45.809Z

Link: CVE-2025-22037

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2025-04-16T15:15:56.310

Modified: 2025-09-19T15:15:48.433

Link: CVE-2025-22037

cve-icon Redhat

Severity : Moderate

Publid Date: 2025-04-16T00:00:00Z

Links: CVE-2025-22037 - Bugzilla

cve-icon OpenCVE Enrichment

No data.