CVE-2025-38437
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix potential use-after-free in oplock/lease break ack
If ksmbd_iov_pin_rsp return error, use-after-free can happen by accessing opinfo->state and opinfo_put and ksmbd_fd_put could called twice.
| Software | From | Fixed in |
|---|---|---|
| linux / linux_kernel | 5.15 | 6.1.146 |
| linux / linux_kernel | 6.2 | 6.6.99 |
| linux / linux_kernel | 6.7 | 6.12.39 |
| linux / linux_kernel | 6.13 | 6.15.7 |
| linux / linux_kernel | 6.16-rc1 | 6.16-rc1.x |
| linux / linux_kernel | 6.16-rc2 | 6.16-rc2.x |
| linux / linux_kernel | 6.16-rc3 | 6.16-rc3.x |
| linux / linux_kernel | 6.16-rc4 | 6.16-rc4.x |
| linux / linux_kernel | 6.16-rc5 | 6.16-rc5.x |
| debian / debian_linux | 11.0 | 11.0.x |
- https://git.kernel.org/stable/c/50f930db22365738d9387c974416f38a06e8057e
- https://git.kernel.org/stable/c/8106adc21a2270c16abf69cd74ccd7c79c6e7acd
- https://git.kernel.org/stable/c/815f1161d6dbc4c54ccf94b7d3fdeab34b4d7477
- https://git.kernel.org/stable/c/97c355989928a5f60b228ef5266c1be67a46cdf9
- https://git.kernel.org/stable/c/e38ec88a2b42c494601b1213816d75f0b54d9bf0
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime