CVE-2025-37750: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-37750 is a vulnerability discovered in the Linux kernel affecting the SMB client functionality, specifically in the multichannel decryption process. The vulnerability was disclosed on May 1, 2025, and impacts Linux systems using SMB client functionality, particularly when interacting with Windows Server 2022 (Wiz Database, NVD).

The vulnerability stems from a use-after-free (UAF) condition in the decryption process with multichannel functionality. The issue occurs after commits f7025d861694 and b0abcd65ec54, where channels began reusing AEAD TFM from the primary channel to perform synchronous decryption. This implementation is problematic as multiple cifsd threads (one per channel) can simultaneously access it for decryption. The issue manifests when running fstest generic/249 with specific parameters 'vers=3.1.1,multichannel,max_channels=4,seal' against Windows Server 2022, resulting in a KASAN splat indicating a slab-use-after-free condition (NVD, Red Hat).

The vulnerability can lead to memory corruption through use-after-free conditions in the Linux kernel's SMB client implementation. This could potentially result in system crashes or unintended behavior when using SMB multichannel functionality, particularly when interacting with Windows Server 2022 systems (Wiz Database).

Several Linux distributions have released fixes for this vulnerability. Debian has marked this as fixed in version 6.12.25-1 for the sid release, while it remains vulnerable in some other versions. The fix involves proper handling of AEAD TFM access in multichannel scenarios (Wiz Database).