Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in destroy_previous_session If client set ->PreviousSessionId on kerberos session setup stage, NULL pointer dereference error will happen. Since sess->user is not set yet, It can pass the user argument as NULL to destroy_previous_session. sess->user will be set in ksmbd_krb5_authenticate(). So this patch move calling destroy_previous_session() after ksmbd_krb5_authenticate().
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.15, < 6.1.142 |
| Debian | Debian Linux | 11.0 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/076f1adefb9837977af7ed233883842ddc446644Patch
- https://git.kernel.org/stable/c/0902625a24eea7fdc187faa5d97df244d159dd6ePatch
- https://git.kernel.org/stable/c/1193486dffb7432a09f57f5d09049b4d4123538bPatch
- https://git.kernel.org/stable/c/281afc52e2961cd5dd8326ebc9c5bc40904c0468Patch
- https://git.kernel.org/stable/c/7ac5b66acafcc9292fb935d7e03790f2b8b2dc0ePatch
- https://www.zerodayinitiative.com/advisories/ZDI-25-610/Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.htmlThird Party Advisory
FAQ
What is CVE-2025-38191?
CVE-2025-38191 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in destroy_previous_session If client set ->PreviousSessionId on kerberos session setup stage,...
How severe is CVE-2025-38191?
CVE-2025-38191 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-38191?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Debian Debian Linux.