Linux Kernel Vulnerability in SMB2 Reconnection Process
CVE-2025-38379

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38379?

The Linux kernel exhibits a vulnerability within the SMB2 reconnection process that occurs during the execution of the smb2_reconnect_server() function. A dummy transport connection (tcon) is erroneously passed with an uninitialized ->query_interface parameter to smb2_reconnect(). This oversight hinders the system’s ability to properly schedule delayed work, leading to potential warnings and inefficiencies in operation. To mitigate this, a fix has been implemented ensuring that the queueing for delayed work is conducted from the correct transport connection, thus enhancing the overall reliability and stability of server reconnections.

Affected Version(s)

Linux 202d7e838967dda02855cd925db7fd8c52c56af7 < 0cee638d92ac898d73eccc4e4bab70e9fc95946a

Linux 2c34f1e095a12be3674fb79d84d1af7896e49245 < 3f6932ef25378794894c3c1024092ad14da2d330

Linux 4f81ee0af2b8c4089e308f7cb6b5ea5a4efe5b94 < 9d2b629a9dc5c72537645533af1cb11a7d34c4b1

References

https://git.kernel.org/stable/c/0cee638d92ac898d73eccc4e4...

https://git.kernel.org/stable/c/3f6932ef25378794894c3c102...

https://git.kernel.org/stable/c/9d2b629a9dc5c72537645533a...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025