Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use aead_request_free to match aead_request_alloc Use aead_request_free() instead of kfree() to properly free memory allocated by aead_request_alloc(). This ensures sensitive crypto data is zeroed before being freed.

INFO

Published Date :

2025-04-18T07:01:33.904Z

Last Modified :

2025-11-03T19:58:31.892Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38575 vulnerability.

Vendors Products
Debian
  • Debian Linux
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38575.

URL Resource
https://git.kernel.org/stable/c/1de7fec4d3012672e31eeb6679ea60f7ca010ef9 cve-icon cve-icon
https://git.kernel.org/stable/c/3e341dbd5f5a6e5a558e67da80731dc38a7f758c cve-icon cve-icon
https://git.kernel.org/stable/c/46caeae23035192b9cc41872c827f30d0233f16e cve-icon cve-icon
https://git.kernel.org/stable/c/571b342d4688801fc1f6a1934389dac09425dc93 cve-icon cve-icon
https://git.kernel.org/stable/c/6171063e9d046ffa46f51579b2ca4a43caef581a cve-icon cve-icon
https://git.kernel.org/stable/c/a6b594868268c3a7bfaeced912525cd2c445529a cve-icon cve-icon
https://git.kernel.org/stable/c/aef10ccd74512c52e30c5ee19d0031850973e78d cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html cve-icon
https://lore.kernel.org/linux-cve-announce/2025041818-CVE-2025-38575-2d0f@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38575 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38575 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact