Use-after-free in Linux kernel smb server
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2025-37776 |
| CWE-ID | CWE-416 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Linux kernel Operating systems & Components / Operating system |
| Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Use-after-free
EUVDB-ID: #VU108237
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-37776
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the free_opinfo(), opinfo_get_list(), opinfo_put(), opinfo_add(), opinfo_del() and smb_break_all_levII_oplock() functions in fs/smb/server/oplock.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: 6.14 - 6.14.3
CPE2.3- cpe:2.3:o:linux_foundation:linux_kernel:6.14:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:6.14.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:6.14.2:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:6.14.3:*:*:*:*:*:*:*
https://git.kernel.org/stable/c/18b4fac5ef17f77fed9417d22210ceafd6525fc7
https://git.kernel.org/stable/c/296cb5457cc6f4a754c4ae29855f8a253d52bcc6
https://git.kernel.org/stable/c/d54ab1520d43e95f9b2e22d7a05fc9614192e5a5
https://git.kernel.org/stable/c/d73686367ad68534257cd88a36ca3c52cb8b81d8
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.14.4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
