Linux Kernel Vulnerability in ksmbd TCP Connections
CVE-2025-38325

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 10 July 2025

What is CVE-2025-38325?

A vulnerability in the Linux kernel's ksmbd module allows for improper handling of TCP connections, specifically through the free_transport function. When called via smbdirect, this could lead to a kernel oops, affecting system stability. A patch has been introduced to add free_transport operations in the ksmbd connection, ensuring better resource management and operational integrity for both TCP and smbdirect connections. System administrators should ensure they apply the latest updates to mitigate any risks associated with this issue.

Affected Version(s)

Linux 1aec4d14cf81b7b3e7b69eb1cfa94144eed7138e < 3890da762a66191c440b0bd6e3ee45501edbb0c1

Linux 21a4e47578d44c6b37c4fc4aba8ed7cc8dbb13de < 3f3aae77280aad9f5acc6709c596148966f765c7

Linux 21a4e47578d44c6b37c4fc4aba8ed7cc8dbb13de

References

https://git.kernel.org/stable/c/3890da762a66191c440b0bd6e...

https://git.kernel.org/stable/c/3f3aae77280aad9f5acc6709c...

https://git.kernel.org/stable/c/a89f5fae998bdc4d0505306f9...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 10, 2025
Vulnerability Reserved
Apr 16, 2025