
CVE-2025-37899

Published 2025-05-20T15:21:34.782Z

No CVSS data available

Description

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix use-after-free in session logoff

The sess->user object can currently be in use by another thread, for
example if another connection has sent a session setup request to
bind to the session being free'd. The handler for that connection could
be in the smb2_sess_setup function which makes use of sess->user.

Available Exploits

No exploits available for this CVE.

Related News

How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation

Sean Heelan: > The vulnerability [o3] found is CVE-2025-37899 (fix [here](https://github.com/torvalds/linux/commit/2fc9feff45d92a92cd5f96487655d5be23fb7e2b)), a use-after-free in the handler for the SMB 'logoff' command. Understanding the vulnerability requir…

Simonwillison.net 2025-05-26 05:47

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

4 posts
Reddit 2 days, 1 hour ago
crstux
Exploit

🔥 Top 10 Trending CVEs (30/07/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2023-2533](https://nvd.nist.gov/vuln/detail/CVE-2023-2533)** - 📝 A Cross-Site Request Forgery (CSRF) vulnerability has been identified in PaperCut NG/MF, which, under specific conditions, could potentially enable an attacker to alter security settings or execute arbitrary …

Reddit 1 month, 1 week ago
truedreamer1
Exploit Payload

how LLM change binary analysis? Large language models (LLMs) are showing incredible potential in cybersecurity. For instance, [Sean](https://sean.heelan.io/2025/05/22/how-i-used-o3-to-find-cve-2025-37899-a-remote-zeroday-vulnerability-in-the-linux-kernels-smb-implementation/) recently uncovered a zero-day vulnerability—CVE-2025-37899—in the Linux kernel using OpenAI’s o3 model. When paired with powerful analysis tools, LLMs can take on even more complex challenges. This page highlights real-world examples of …

Reddit 1 month, 2 weeks ago
crstux

🔥 Top 10 Trending CVEs (14/06/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-24201](https://nvd.nist.gov/vuln/detail/CVE-2025-24201)** - 📝 An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, …

Reddit 1 month, 2 weeks ago
crstux

🔥 Top 10 Trending CVEs (13/06/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-32711](https://nvd.nist.gov/vuln/detail/CVE-2025-32711)** - 📝 M365 Copilot Information Disclosure Vulnerability - 📅 **Published:** 11/06/2025 - 📈 **CVSS:** 9.3 - 🧭 **Vector:** CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C - 📣 **Mentions:** 14 - ⚠️ **Priority:** 2 --- **2. [CVE-2024-57727](https://nvd.nist.gov/vuln/detail/CVE-2024-57727)** …

References

Published: 2025-05-20T15:21:34.782Z
Last Modified: 2025-05-26T05:23:18.609Z