CVE-2025-38191
The CVE-2025-38191 issue is in the Linux kernel ksmbd component, where a null pointer dereference could occur during Kerberos session setup if the client uses PreviousSessionId before session authentication completes. Root cause: sess->user is not set during initial kerberos setup, allowing a ...