CVE-2025-38562 ksmbd: fix null pointer dereference error in generate_encryptionkey

🗓️ 19 Aug 2025 17:02:39Reported by GoogleType

osv

osv🔗 osv.dev👁 2 Views

ksmbd null pointer in generate_encryptionkey during kerberos session setups; skip key if session valid.

Reporter	Title	Published	Views	Family All 136
ATTACKERKB	CVE-2025-38562	19 Aug 202517:02	–	attackerkb
AstraLinux	Astra Linux - уязвимость в linux-5.10, linux-6.1	20 May 202605:53	–	astralinux
CBLMariner	CVE-2025-38562 affecting package kernel for versions less than 6.6.104.2-1	1 Oct 202519:21	–	cbl_mariner
Circl	CVE-2025-38562	24 Sep 202503:00	–	circl
CNNVD	Linux kernel 安全漏洞	19 Aug 202500:00	–	cnnvd
CVE	CVE-2025-38562	19 Aug 202517:02	–	cve
Cvelist	CVE-2025-38562 ksmbd: fix null pointer dereference error in generate_encryptionkey	19 Aug 202517:02	–	cvelist
Debian	[SECURITY] [DLA 4328-1] linux-6.1 security update	13 Oct 202509:16	–	debian
Debian CVE	CVE-2025-38562	19 Aug 202517:02	–	debiancve
Tenable Nessus	Debian dla-4328 : linux-config-6.1 - security update	13 Oct 202500:00	–	nessus

Source	Link
git	www.git.kernel.org/stable/c/015ef163d65496ae3ba6192c96140a22743f0353
git	www.git.kernel.org/stable/c/2a30ed6428ce83afedca1a6c5c5c4247bcf12d0e
git	www.git.kernel.org/stable/c/96a82e19434a2522525baab59c33332658bc7653
git	www.git.kernel.org/stable/c/9b493ab6f35178afd8d619800df9071992f715de
git	www.git.kernel.org/stable/c/9c2dbbc959e1fcc6f603a1a843e9cf743ba383bb
git	www.git.kernel.org/stable/c/d79c8bebaa622ee223128be7c66d8aaeeb634a57
lists	www.lists.debian.org/debian-lts-announce/2025/10/msg00008.html
github	www.github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38562.json
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-38562
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-25-917/

16 Apr 2026 04:41Current

6Medium risk

Vulners AI Score6

CVSS 3.15.5

EPSS0.00024

linux kernel session setup kerberos authentication null pointer generate_encryptionkey skip key generation valid session