CVE-2025-37778
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2025-37778. We'll provide specific mitigation strategies based on your environment and risk profile.
Description
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: Fix dangling pointer in krb_authenticate
krb_authenticate frees sess->user and does not set the pointer
to NULL. It calls ksmbd_krb5_authenticate to reinitialise
sess->user but that function may return without doing so. If
that happens then smb2_sess_setup, which calls krb_authenticate,
will be accessing free'd memory when it later uses sess->user.
Available Exploits
Related News
Affected Products
EU Vulnerability Database
Monitored by ENISA for EU cybersecurity
ENISA Analysis
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: Fix dangling pointer in krb_authenticate
krb_authenticate frees sess->user and does not set the pointer
to NULL. It calls ksmbd_krb5_authenticate to reinitialise
sess->user but that function may return without doing so. If
that happens then smb2_sess_setup, which calls krb_authenticate,
will be accessing free'd memory when it later uses sess->user.
Affected Products (ENISA)
ENISA Scoring
EPSS Score
ENISA References
Data provided by ENISA EU Vulnerability Database. Last updated: May 8, 2025
Social Media Intelligence
Real-time discussions and threat intelligence from social platforms
🔥 Top 10 Trending CVEs (23/08/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-9074](https://nvd.nist.gov/vuln/detail/CVE-2025-9074)** - 📝 A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. …