Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2025-38562
CVE-2025-38562:
Linux Debian vulnerability analysis and mitigation
Overview
CVE-2025-38562 is a vulnerability in the Linux kernel's ksmbd component that was discovered and reported in August 2025. The vulnerability specifically affects the generate_encryptionkey function in the ksmbd module, which handles SMB protocol operations (NVD).
Technical details
The vulnerability is characterized by a null pointer dereference error in the generateencryptionkey function of ksmbd. The issue occurs when a client sends two session setups with Kerberos 5 authentication to ksmbd. The vulnerability manifests because sess->PreauthHashValue is set to NULL if the session is valid, leading to potential null pointer dereference (NVD).
Impact
A null pointer dereference vulnerability can lead to system crashes and potential denial of service conditions in affected Linux systems running the ksmbd module (NVD).
Mitigation and workarounds
A patch has been developed that skips the encryption key generation if the session is valid, preventing the null pointer dereference condition. The fix has been implemented in the Linux kernel codebase (NVD).
Additional resources
Source: This report was generated using AI
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management