CVE-2025-37899 | Linux Kernel up to 6.12.27/6.14.5/6.15-rc4 ksmbd smb2_sess_setup use after free

A vulnerability was found in Linux Kernel up to 6.12.27/6.14.5/6.15-rc4 and classified as critical. This issue affects the function smb2_sess_setup of the component ksmbd. The manipulation leads to use after free.

The identification of this vulnerability is CVE-2025-37899. Access to the local network is required for this attack. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More