CVE-2025-22038

HIGH EPSS 13.0%
Published Apr 16, 20251y ago · Modified Jun 17, 20261w ago
7.1 CVSS 3.1
High
Find Similar
Published Apr 16, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate zero num_subauth before sub_auth is accessed Access psid->sub_auth[psid->num_subauth - 1] without checking if num_subauth is non-zero leads to an out-of-bounds read. This patch adds a validation step to ensure num_subauth != 0 before sub_auth is accessed.

CVSS Details

Base Score
7.1
Exploitability
1.8
Impact
5.2
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
13.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-125 Out-of-bounds Read Memory Safety

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel* <6.1.134
linuxlinux_kernel*≥6.2  –  <6.6.87
linuxlinux_kernel*≥6.7  –  <6.12.23
linuxlinux_kernel*≥6.13  –  <6.13.11
linuxlinux_kernel*≥6.14  –  <6.14.2

References 7

  • git.kernel.org https://git.kernel.org/stable/c/0e36a3e080d6d8bd7a34e089345d043da4ac8283
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3ac65de111c686c95316ade660f8ba7aea3cd3cc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/56de7778a48560278c334077ace7b9ac4bfb2fd1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/68c6c3142bfcdb049839d40a9a59ebe8ea865002
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bf21e29d78cd2c2371023953d9c82dfef82ebb36
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c8bfe1954a0b89e7b29b3a3e7f4c5e0ebd295e20
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0e36a3e080d6d8bd7a34e089345d043da4ac8283
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3ac65de111c686c95316ade660f8ba7aea3cd3cc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/56de7778a48560278c334077ace7b9ac4bfb2fd1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/68c6c3142bfcdb049839d40a9a59ebe8ea865002
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bf21e29d78cd2c2371023953d9c82dfef82ebb36
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c8bfe1954a0b89e7b29b3a3e7f4c5e0ebd295e20
    Patch