CVE-2025-38561

MEDIUM

Linux Kernel < 6.1.148 - Race Condition

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. There is no need to free sess->Preauh_HashValue at session setup phase. It can be freed together with session at connection termination phase.

Exploits (1)

github WORKING POC

by toshithh · pythonpoc

https://github.com/toshithh/CVE-2025-38561

View Code ZIP pw:eip

References (8)

[Patch] https://git.kernel.org/stable/c/44a3059c4c8cc635a1fb2afd692d0730ca1ba4b6

[Patch] https://git.kernel.org/stable/c/6613887da1d18dd2ecfd6c6148a873c4d903ebdc

[Patch] https://git.kernel.org/stable/c/7d7c0c5304c88bcbd7a85e9bcd61d27e998ba5fc

[Patch] https://git.kernel.org/stable/c/b69fd87076daa66f3d186bd421a7b0ee0cb45829

[Patch] https://git.kernel.org/stable/c/edeecc7871e8fc0878d53ce286c75040a0e38f6c

[Patch] https://git.kernel.org/stable/c/fbf5c0845ed15122a770bca9be1d9b60b470d3aa

[Third Party Advisory] https://www.zerodayinitiative.com/advisories/ZDI-25-916/

[Third Party Advisory] https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html

Scores

CVSS v3 4.7

EPSS 0.0003

EPSS Percentile 8.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-362

Status published

Products (7)

debian/debian_linux 11.0

linux/Kernel 5.15.0 - 6.1.148linux

linux/Kernel 6.13.0 - 6.15.10linux

linux/Kernel 6.16.0 - 6.16.1linux

linux/Kernel 6.2.0 - 6.6.102linux

linux/Kernel 6.7.0 - 6.12.42linux

linux/linux_kernel 5.15 - 6.1.148

Published Aug 19, 2025

Tracked Since Feb 18, 2026