CVE-2025-37750
smb: client: fix UAF in decryption with multichannel
References
Notes
carnil> Introduced in f7025d861694 ("smb: client: allocate crypto only for primary
carnil> server")
carnil> b0abcd65ec54 ("smb: client: fix UAF in async decryption"). Vulnerable versions:
carnil> 5.10.237 5.15.181 6.1.128 6.6.57 6.11.4 6.12.
Bugs
Status
| Branch |
Status |
| upstream |
released (6.15-rc2) [9502dd5c7029902f4a425bf959917a5a9e7c0e50]
|
| 6.18-upstream-stable |
N/A "Fixed before branching point"
|
| 6.17-upstream-stable |
N/A "Fixed before branching point"
|
| 6.14-upstream-stable |
released (6.14.3) [950557922c1298464749c216d8763e97faf5d0a6]
|
| 6.13-upstream-stable |
released (6.13.12) [e859b216d94668bc66330e61be201234f4413d1a]
|
| 6.12-upstream-stable |
released (6.12.24) [aa5a1e4b882964eb79d5b5d1d1e8a1a5efbb1d15]
|
| 6.6-upstream-stable |
needed
|
| 6.1-upstream-stable |
needed
|
| 5.10-upstream-stable |
needed
|
| sid |
released (6.12.25-1)
|
| 6.12-trixie-security |
N/A "Fixed before branching point"
|
| 6.1-bookworm-security |
needed
|
| 5.10-bullseye-security |
needed
|
