{"uuid": "f4326c26-4d39-42a0-8661-3ac8bf542d7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37899", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17104", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37899\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix use-after-free in session logoff\n\nThe sess->user object can currently be in use by another thread, for\nexample if another connection has sent a session setup request to\nbind to the session being free'd. The handler for that connection could\nbe in the smb2_sess_setup function which makes use of sess->user.\n\ud83d\udccf Published: 2025-05-20T15:21:34.782Z\n\ud83d\udccf Modified: 2025-05-21T07:58:14.534Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/d5ec1d79509b3ee01de02c236f096bc050221b7f\n2. https://git.kernel.org/stable/c/02d16046cd11a5c037b28c12ffb818c56dd3ef43\n3. https://git.kernel.org/stable/c/2fc9feff45d92a92cd5f96487655d5be23fb7e2b", "creation_timestamp": "2025-05-21T08:47:52.000000Z"}