github - ghsa-mf4c-hrq6-7vxq

ghsa-mf4c-hrq6-7vxq

Vulnerability from github

Published

2025-07-10 09:32

Modified

2025-08-01 09:31

Details

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: add free_transport ops in ksmbd connection

free_transport function for tcp connection can be called from smbdirect. It will cause kernel oops. This patch add free_transport ops in ksmbd connection, and add each free_transports for tcp and smbdirect.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-38325"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-10T09:15:26Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: add free_transport ops in ksmbd connection\n\nfree_transport function for tcp connection can be called from smbdirect.\nIt will cause kernel oops. This patch add free_transport ops in ksmbd\nconnection, and add each free_transports for tcp and smbdirect.",
  "id": "GHSA-mf4c-hrq6-7vxq",
  "modified": "2025-08-01T09:31:23Z",
  "published": "2025-07-10T09:32:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38325"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3890da762a66191c440b0bd6e3ee45501edbb0c1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3f3aae77280aad9f5acc6709c596148966f765c7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/52f5a52dc17a4a7b4363ac03fe2c4ef26f020dc6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a89f5fae998bdc4d0505306f93844c9ae059d50c"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2025-38325 (GCVE-0-2025-38325)

Vulnerability from cvelistv5

Published

2025-07-10 08:14

Modified

2025-08-09 14:20

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add free_transport ops in ksmbd connection free_transport function for tcp connection can be called from smbdirect. It will cause kernel oops. This patch add free_transport ops in ksmbd connection, and add each free_transports for tcp and smbdirect.

References

URL

Tags

	https://git.kernel.org/stable/c/52f5a52dc17a4a7b4363ac03fe2c4ef26f020dc6
	https://git.kernel.org/stable/c/3890da762a66191c440b0bd6e3ee45501edbb0c1
	https://git.kernel.org/stable/c/3f3aae77280aad9f5acc6709c596148966f765c7
	https://git.kernel.org/stable/c/a89f5fae998bdc4d0505306f93844c9ae059d50c

Impacted products

Vendor

Product

Version

Version: 1da8bd9a10ecd718692732294d15fd801c0eabb5
Version: 1aec4d14cf81b7b3e7b69eb1cfa94144eed7138e
Version: 21a4e47578d44c6b37c4fc4aba8ed7cc8dbb13de
Version: 21a4e47578d44c6b37c4fc4aba8ed7cc8dbb13de
Version: e59796fc80603bcd8569d4d2e10b213c1918edb4

Version: 6.15

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/server/connection.c",
            "fs/smb/server/connection.h",
            "fs/smb/server/transport_rdma.c",
            "fs/smb/server/transport_tcp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "52f5a52dc17a4a7b4363ac03fe2c4ef26f020dc6",
              "status": "affected",
              "version": "1da8bd9a10ecd718692732294d15fd801c0eabb5",
              "versionType": "git"
            },
            {
              "lessThan": "3890da762a66191c440b0bd6e3ee45501edbb0c1",
              "status": "affected",
              "version": "1aec4d14cf81b7b3e7b69eb1cfa94144eed7138e",
              "versionType": "git"
            },
            {
              "lessThan": "3f3aae77280aad9f5acc6709c596148966f765c7",
              "status": "affected",
              "version": "21a4e47578d44c6b37c4fc4aba8ed7cc8dbb13de",
              "versionType": "git"
            },
            {
              "lessThan": "a89f5fae998bdc4d0505306f93844c9ae059d50c",
              "status": "affected",
              "version": "21a4e47578d44c6b37c4fc4aba8ed7cc8dbb13de",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "e59796fc80603bcd8569d4d2e10b213c1918edb4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/server/connection.c",
            "fs/smb/server/connection.h",
            "fs/smb/server/transport_rdma.c",
            "fs/smb/server/transport_tcp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.15"
            },
            {
              "lessThan": "6.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.35",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.15.*",
              "status": "unaffected",
              "version": "6.15.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.35",
                  "versionStartIncluding": "6.12.26",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15.4",
                  "versionStartIncluding": "6.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16",
                  "versionStartIncluding": "6.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "6.14.4",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: add free_transport ops in ksmbd connection\n\nfree_transport function for tcp connection can be called from smbdirect.\nIt will cause kernel oops. This patch add free_transport ops in ksmbd\nconnection, and add each free_transports for tcp and smbdirect."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-09T14:20:15.334Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/52f5a52dc17a4a7b4363ac03fe2c4ef26f020dc6"
        },
        {
          "url": "https://git.kernel.org/stable/c/3890da762a66191c440b0bd6e3ee45501edbb0c1"
        },
        {
          "url": "https://git.kernel.org/stable/c/3f3aae77280aad9f5acc6709c596148966f765c7"
        },
        {
          "url": "https://git.kernel.org/stable/c/a89f5fae998bdc4d0505306f93844c9ae059d50c"
        }
      ],
      "title": "ksmbd: add free_transport ops in ksmbd connection",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-38325",
    "datePublished": "2025-07-10T08:14:59.544Z",
    "dateReserved": "2025-04-16T04:51:24.004Z",
    "dateUpdated": "2025-08-09T14:20:15.334Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.