UBUNTU-CVE-2025-38561

Advisory lineage Upstream: 1 Downstream: 21
Upstream
CVE-2025-38561
Published: 19 Aug 2025, 17:15
Last modified:03 Jun 2026, 13:40

Vulnerability Summary

Overall Risk (default)
low
19/100
CVSS Score
4.7 MEDIUM
3.1 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

19 Aug 2025, 17:15
Published
Vulnerability first disclosed
03 Jun 2026, 13:40
Last Modified
Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. There is no need to free sess->Preauh_HashValue at session setup phase. It can be freed together with session at connection termination phase.

CVSS Metrics

  • v3.1MEDIUMScore: 4.7CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Systems

  • ubuntulinux

    all | all | < 5.15.0-168.178 | < 6.8.0-94.96

  • ubuntulinux-allwinner-5.19

    all

  • ubuntulinux-aws

    all | all | < 5.15.0-1099.106 | < 6.8.0-1045.47

  • ubuntulinux-aws-5.0

    all

  • ubuntulinux-aws-5.11

    all

  • ubuntulinux-aws-5.13

    all

  • ubuntulinux-aws-5.15

    all | < 5.15.0-1099.106~20.04.1

  • ubuntulinux-aws-5.19

    all

  • ubuntulinux-aws-5.3

    all

  • ubuntulinux-aws-5.8

    all

  • ubuntulinux-aws-6.14

    < 6.14.0-1017.17~24.04.1

  • ubuntulinux-aws-6.2

    all

  • ubuntulinux-aws-6.5

    all

  • ubuntulinux-aws-6.8

    all | < 6.8.0-1045.47~22.04.1

  • ubuntulinux-aws-fips

    all | < 5.15.0-1099.106+fips1 | < 6.8.0-1045.47+fips1

  • ubuntulinux-azure

    all | all | all | < 5.15.0-1103.112 | < 6.8.0-1046.52

  • ubuntulinux-azure-5.11

    all

  • ubuntulinux-azure-5.13

    all

  • ubuntulinux-azure-5.15

    all | < 5.15.0-1103.112~20.04.1

  • ubuntulinux-azure-5.19

    all

  • ubuntulinux-azure-5.3

    all

  • ubuntulinux-azure-5.8

    all

  • ubuntulinux-azure-6.11

    all

  • ubuntulinux-azure-6.14

    < 6.14.0-1017.17~24.04.1

  • ubuntulinux-azure-6.2

    all

  • ubuntulinux-azure-6.5

    all

  • ubuntulinux-azure-6.8

    all | < 6.8.0-1051.57~22.04.1

  • ubuntulinux-azure-edge

    all

  • ubuntulinux-azure-fde

    all | all | all | all

  • ubuntulinux-azure-fde-5.19

    all

  • ubuntulinux-azure-fde-6.14

    all

  • ubuntulinux-azure-fde-6.17

    all

  • ubuntulinux-azure-fde-6.2

    all

  • ubuntulinux-azure-fde-6.8

    all

  • ubuntulinux-azure-fips

    all | < 5.15.0-1103.112+fips1 | < 6.8.0-1046.52+fips1

  • ubuntulinux-azure-nvidia

    all

  • ubuntulinux-azure-nvidia-6.14

    all

  • ubuntulinux-bluefield

    all | < 5.15.0-1083.85 | all

  • ubuntulinux-fips

    all | < 5.15.0-168.178+fips1 | < 6.8.0-94.96+fips1

  • ubuntulinux-gcp

    all | all | all | < 5.15.0-1099.108 | < 6.8.0-1046.49

  • ubuntulinux-gcp-5.11

    all

  • ubuntulinux-gcp-5.13

    all

  • ubuntulinux-gcp-5.15

    all | < 5.15.0-1099.108~20.04.1

  • ubuntulinux-gcp-5.19

    all

  • ubuntulinux-gcp-5.3

    all

  • ubuntulinux-gcp-5.8

    all

  • ubuntulinux-gcp-6.11

    all

  • ubuntulinux-gcp-6.14

    < 6.14.0-1020.21~24.04.1

  • ubuntulinux-gcp-6.2

    all

  • ubuntulinux-gcp-6.5

    all

Showing first 50 affected entries in server-rendered view.

References (29)