VDB

TNCVE-2025-38562

TNCVE-2025-38562 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference error in generate_encryptionkey If client send two session setups with krb5 authenticate to ksmbd, null pointer dereference error in generate_encryptionkey could happen. sess->Preauth_HashValue is set to NULL if session is valid. So this patch skip generate encryption key if session is valid.

Timeline

  • Aug 19, 2025 CVE Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›