{"id":"CVE-2025-22037","summary":"ksmbd: fix null pointer dereference in alloc_preauth_hash()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix null pointer dereference in alloc_preauth_hash()\n\nThe Client send malformed smb2 negotiate request. ksmbd return error\nresponse. Subsequently, the client can send smb2 session setup even\nthought conn-\u003epreauth_info is not allocated.\nThis patch add KSMBD_SESS_NEED_SETUP status of connection to ignore\nsession setup request if smb2 negotiate phase is not complete.","modified":"2026-04-02T12:45:19.636255Z","published":"2025-04-16T14:11:55.670Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/22xxx/CVE-2025-22037.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/8f216b33a5e1b3489c073b1ea1b3d7cb63c8dc4d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b8eb243e670ecf30e91524dd12f7260dac07d335"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c8b5b7c5da7d0c31c9b7190b4a7bba5281fc4780"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ca8bed31edf728a662ef9d6f39f50e7a7dc2b5ad"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cce57cd8c5dead24127cf2308fdd60fcad2d6ba6"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/22xxx/CVE-2025-22037.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22037"},{"type":"ADVISORY","url":"https://www.zerodayinitiative.com/advisories/ZDI-25-310/"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0626e6641f6b467447c81dd7678a69c66f7746cf"},{"fixed":"cce57cd8c5dead24127cf2308fdd60fcad2d6ba6"},{"fixed":"ca8bed31edf728a662ef9d6f39f50e7a7dc2b5ad"},{"fixed":"8f216b33a5e1b3489c073b1ea1b3d7cb63c8dc4d"},{"fixed":"b8eb243e670ecf30e91524dd12f7260dac07d335"},{"fixed":"c8b5b7c5da7d0c31c9b7190b4a7bba5281fc4780"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-22037.json"}}],"schema_version":"1.7.5"}