{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-38501", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:24.022Z", "datePublished": "2025-08-16T05:30:09.138Z", "dateUpdated": "2025-08-19T05:47:16.990Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-08-19T05:47:16.990Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: limit repeated connections from clients with the same IP\n\nRepeated connections from clients with the same IP address may exhaust\nthe max connections and prevent other normal client connections.\nThis patch limit repeated connections from clients with the same IP."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/smb/server/connection.h", "fs/smb/server/transport_tcp.c"], "versions": [{"version": "0626e6641f6b467447c81dd7678a69c66f7746cf", "lessThan": "cb092fc3a62972a4aa47c9fe356c2c6a01cd840b", "status": "affected", "versionType": "git"}, {"version": "0626e6641f6b467447c81dd7678a69c66f7746cf", "lessThan": "fa1c47af4ff641cf9197ecdb1f8240cbb30389c1", "status": "affected", "versionType": "git"}, {"version": "0626e6641f6b467447c81dd7678a69c66f7746cf", "lessThan": "7e5d91d3e6c62a9755b36f29c35288f06c3cd86b", "status": "affected", "versionType": "git"}, {"version": "0626e6641f6b467447c81dd7678a69c66f7746cf", "lessThan": "f1ce9258bcbce2491f9f71f7882b6eed0b33ec65", "status": "affected", "versionType": "git"}, {"version": "0626e6641f6b467447c81dd7678a69c66f7746cf", "lessThan": "6073afe64510c302b7a0683a01e32c012eff715d", "status": "affected", "versionType": "git"}, {"version": "0626e6641f6b467447c81dd7678a69c66f7746cf", "lessThan": "e6bb9193974059ddbb0ce7763fa3882bd60d4dc3", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/smb/server/connection.h", "fs/smb/server/transport_tcp.c"], "versions": [{"version": "5.15", "status": "affected"}, {"version": "0", "lessThan": "5.15", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.148", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.102", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.42", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15.10", "lessThanOrEqual": "6.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.1", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.1.148"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.6.102"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.12.42"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.15.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.16.1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.17-rc1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/cb092fc3a62972a4aa47c9fe356c2c6a01cd840b"}, {"url": "https://git.kernel.org/stable/c/fa1c47af4ff641cf9197ecdb1f8240cbb30389c1"}, {"url": "https://git.kernel.org/stable/c/7e5d91d3e6c62a9755b36f29c35288f06c3cd86b"}, {"url": "https://git.kernel.org/stable/c/f1ce9258bcbce2491f9f71f7882b6eed0b33ec65"}, {"url": "https://git.kernel.org/stable/c/6073afe64510c302b7a0683a01e32c012eff715d"}, {"url": "https://git.kernel.org/stable/c/e6bb9193974059ddbb0ce7763fa3882bd60d4dc3"}], "title": "ksmbd: limit repeated connections from clients with the same IP", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: limit repeated connections from clients with the same IP\n\nRepeated connections from clients with the same IP address may exhaust\nthe max connections and prevent other normal client connections.\nThis patch limit repeated connections from clients with the same IP."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ksmbd: limita las conexiones repetidas de clientes con la misma IP. Las conexiones repetidas de clientes con la misma direcci\u00f3n IP pueden agotar el l\u00edmite m\u00e1ximo de conexiones e impedir otras conexiones normales de clientes. Este parche limita las conexiones repetidas de clientes con la misma IP."}], "id": "CVE-2025-38501", "lastModified": "2025-08-18T20:16:28.750", "metrics": {}, "published": "2025-08-16T06:15:27.923", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6073afe64510c302b7a0683a01e32c012eff715d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7e5d91d3e6c62a9755b36f29c35288f06c3cd86b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/cb092fc3a62972a4aa47c9fe356c2c6a01cd840b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e6bb9193974059ddbb0ce7763fa3882bd60d4dc3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f1ce9258bcbce2491f9f71f7882b6eed0b33ec65"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/fa1c47af4ff641cf9197ecdb1f8240cbb30389c1"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: ksmbd: limit repeated connections from clients with the same IP", "id": "2388909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388909"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nksmbd: limit repeated connections from clients with the same IP\nRepeated connections from clients with the same IP address may exhaust\nthe max connections and prevent other normal client connections.\nThis patch limit repeated connections from clients with the same IP."], "name": "CVE-2025-38501", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-08-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-38501\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-38501\nhttps://lore.kernel.org/linux-cve-announce/2025081612-CVE-2025-38501-e51f@gregkh/T"], "threat_severity": "Moderate"}