CVE-2025-38325

medium

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add free_transport ops in ksmbd connection free_transport function for tcp connection can be called from smbdirect. It will cause kernel oops. This patch add free_transport ops in ksmbd connection, and add each free_transports for tcp and smbdirect.

References

https://git.kernel.org/stable/c/a89f5fae998bdc4d0505306f93844c9ae059d50c

https://git.kernel.org/stable/c/3f3aae77280aad9f5acc6709c596148966f765c7

https://git.kernel.org/stable/c/3890da762a66191c440b0bd6e3ee45501edbb0c1

Details

Source: Mitre, NVD

Published: 2025-07-10

Updated: 2025-07-10

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00017