CVE-2025-37956
Linux Kernel vulnerability analysis and mitigation

Overview

CVE-2025-37956 is a vulnerability in the Linux kernel's ksmbd component, discovered and published on May 20, 2025. The kernel SMB server does not properly validate rename operations: a client can send an empty newname string to the ksmbd server (NVD Database, Wiz Database).

Technical details

The vulnerability exists in the ksmbd (kernel SMB server) component of the Linux kernel. When a client sends an empty newname string during a rename operation, it triggers a kernel oops due to a failure in the d_alloc function. The vulnerability has been assigned a CVSS 3.1 score of 5.5 with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (Red Hat).

Impact

When exploited, this vulnerability results in a kernel oops, which can lead to system instability and potential denial of service conditions. The primary impact is on system availability as the kernel oops disrupts normal system operations (Wiz Database).

Mitigation and workarounds

A patch has been developed that adds validation to prevent rename operations with empty newname strings. The fix returns an error when attempting to rename a file or directory with an empty new name string (NVD Database).
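
The check described above, modelled in user space as an added example (not the kernel patch or ksmbd's own code): it validates an SMB2 FileRenameInformation buffer and rejects an empty new name before the name is used. The function name, the -EINVAL return value and the sample buffers are assumptions constructed for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* SMB2 FileRenameInformation (MS-FSCC): ReplaceIfExists(1), Reserved(7),
 * RootDirectory(8), FileNameLength(4), then the UTF-16LE FileName. */
#define RENAME_INFO_FIXED 20u
#define NAME_LEN_OFFSET   16u

/* Constructed sample buffers (not captured traffic). */
static const uint8_t sample_empty[20] = {0};                  /* FileNameLength = 0 */
static const uint8_t sample_ok[22] = { [16] = 2, [20] = 'b' }; /* name "b" in UTF-16LE */

static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Hypothetical validator: returns 0 and sets *name / *name_len when the new
 * name is usable, otherwise -EINVAL (assumed code; the page says "an error"). */
int validate_rename_info(const uint8_t *buf, size_t len,
                         const uint8_t **name, uint32_t *name_len)
{
    uint32_t n;

    if (len < RENAME_INFO_FIXED)
        return -EINVAL;                 /* truncated fixed header */
    n = le32(buf + NAME_LEN_OFFSET);
    if (n == 0)
        return -EINVAL;                 /* empty new name: reject up front */
    if (n % 2 != 0 || n > len - RENAME_INFO_FIXED)
        return -EINVAL;                 /* partial UTF-16 unit or overrun */
    if (buf[RENAME_INFO_FIXED] == 0 && buf[RENAME_INFO_FIXED + 1] == 0)
        return -EINVAL;                 /* leading NUL converts to an empty string */
    *name = buf + RENAME_INFO_FIXED;
    *name_len = n;
    return 0;
}

int main(void)
{
    const uint8_t *name;
    uint32_t n;

    printf("empty name: %d\n", validate_rename_info(sample_empty, sizeof sample_empty, &name, &n));
    printf("valid name: %d\n", validate_rename_info(sample_ok, sizeof sample_ok, &name, &n));
    return 0;
}
```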


Source: This report was generated using AI

Related Linux Kernel vulnerabilities:

| CVE ID | Severity | Score | Technologies | Component name | CISA KEV exploit | Has fix | Published date |
|---|---|---|---|---|---|---|---|
| CVE-2025-40258 | HIGH | 7 | Linux Kernel | kernel-rt-64k-debug-devel-matched | No | No | Dec 04, 2025 |
| CVE-2025-40259 | MEDIUM | 6.2 | Linux Kernel | kernel-rt-64k | No | No | Dec 04, 2025 |
| CVE-2025-40264 | MEDIUM | 5.5 | Linux Kernel | kernel-64k-modules-extra | No | No | Dec 04, 2025 |
| CVE-2025-40254 | MEDIUM | 5.5 | Linux Kernel | kernel-64k-devel-matched | No | No | Dec 04, 2025 |
| CVE-2025-40253 | MEDIUM | 5.5 | Linux Kernel | kernel-64k-debug-modules-partner | No | No | Dec 04, 2025 |
