CVE-2025-22038

Published: 2025-04-16T15:15:56.400

Last Modified: 2025-04-16T15:15:56.400

Source: MITRE CVE List

License: MITRE-CVE-TOS

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate zero num_subauth before sub_auth is accessed Access psid->sub_auth[psid->num_subauth - 1] without checking if num_subauth is non-zero leads to an out-of-bounds read. This patch adds a validation step to ensure num_subauth != 0 before sub_auth is accessed. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt