CVE-2025-37899

Published May 20, 2025

Last updated 3 months ago

Linux Kernel

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-37899 is a use-after-free vulnerability found in the ksmbd component of the Linux kernel, which is an in-kernel server implementing the SMB3 protocol for file sharing over networks. Specifically, the vulnerability exists in the session logoff handler. The vulnerability occurs because the `sess->user` object can be freed by one thread processing a logoff command while another thread, handling a new connection's session setup request, might still be accessing the same `sess->user` object. This concurrent access can lead to memory corruption and potentially allow attackers to execute arbitrary code with kernel privileges.

Description
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being free'd. The handler for that connection could be in the smb2_sess_setup function which makes use of sess->user.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status
Awaiting Analysis

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

19

  1. Zero day in Linux kernel’s SMB (CVE-2025-37899) using LLMs (OpenAI’s o3) https://t.co/1UdtbL2MhZ Credits @seanhn #infosec #llm https://t.co/7h6OCBHHjG

    @0xor0ne

    26 Aug 2025

    9146 Impressions

    52 Retweets

    242 Likes

    95 Bookmarks

    0 Replies

    0 Quotes

  2. How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation – Sean Heelan's Blog https://t.co/bMdPz3FNgK

    @akaclandestine

    22 Aug 2025

    1511 Impressions

    6 Retweets

    25 Likes

    12 Bookmarks

    0 Replies

    0 Quotes

  3. Vulnerability research using LLMs (OpenAI’s o3): Zero day in Linux kernel’s SMB (CVE-2025-37899) https://t.co/1UdtbL2MhZ Credits @seanhn #infsec #llm https://t.co/XSFT3MEyIB

    @0xor0ne

    29 Jul 2025

    9983 Impressions

    59 Retweets

    278 Likes

    109 Bookmarks

    0 Replies

    1 Quote

  4. AI Finds CVE-2025-37899 Zero-Day In Linux SMB Kernel #CISO https://t.co/ywmEF3MdHW

    @compuchris

    25 Jul 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. o3 found CVE-2025-37899, a use-after-free vulnerability in Linux kernel's SMB implementation. This is test-time compute scaling in action. More runs -> higher coverage - in a bechmark run @seanhn found that o3 can find CVE-2025-37778 (kerberos auth vuln) in 8 of the 100 runs

    @phbenz

    4 Jul 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  6. 🔍 Using AI to Find a Linux Kernel Zero-Day Sean Heelan explains how he used OpenAI’s o3 model to uncover CVE-2025-37899. This is a remote zero-day vulnerability in the Linux kernel’s SMB implementation. He found the vulnerability using just the o3 API—no extra framewo

    @GotoNathan

    12 Jun 2025

    114 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. 🔍 Using AI to Find a Linux Kernel Zero-Day Sean Heelan explains how he used OpenAI’s o3 model to uncover CVE-2025-37899. This is a remote zero-day vulnerability in the Linux kernel’s SMB implementation. He found the vulnerability using just the o3 API—no extra framewo

    @GotoNathan

    12 Jun 2025

    116 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  8. 🔍 Using AI to Find a Linux Kernel Zero-Day Sean Heelan explains how he used OpenAI’s o3 model to uncover CVE-2025-37899. This is a remote zero-day vulnerability in the Linux kernel’s SMB implementation. He found the vulnerability using just the o3 API—no extra framewo

    @GotoNathan

    12 Jun 2025

    156 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. 🔍 Using AI to Find a Linux Kernel Zero-Day Sean Heelan explains how he used OpenAI’s o3 model to uncover CVE-2025-37899. This is a remote zero-day vulnerability in the Linux kernel’s SMB implementation. He found the vulnerability using just the o3 API—no extra framewo

    @GotoNathan

    12 Jun 2025

    116 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. LLM (OpenAI’s o3) for vulnerability research. Zero day in Linux kernel’s SMB (CVE-2025-37899) https://t.co/1UdtbL2MhZ Credits @seanhn #infsec #llm https://t.co/4Tsa3nFxLO

    @0xor0ne

    12 Jun 2025

    10416 Impressions

    60 Retweets

    227 Likes

    91 Bookmarks

    1 Reply

    0 Quotes

  11. #exploit 1. CVE-2025-32756: https://t.co/1w8oAjYxV0 Fortinet (FortiVoice, FortiMail, FortiNDR, FortiRecorder, FortiCamera) Stack-based BoF 2. CVE-2025-49223: https://t.co/0HK0aFCF70 Prototype Pollution in Billboard.js 3. CVE-2025-37899: https://t.co/RnMzAPQJjW Linux kernel SMB

    @ksg93rd

    8 Jun 2025

    1165 Impressions

    4 Retweets

    14 Likes

    9 Bookmarks

    1 Reply

    0 Quotes

  12. 🚩 AI Discovers Linux Kernel SMB Zero-Day Vulnerability CVE-2025-37899 https://t.co/cKh8aMKJ8A A critical use-after-free vulnerability (CVE-2025-37899) in the Linux kernel's ksmbd module was uncovered using OpenAI's o3 language model. The flaw arises when multiple threads

    @Huntio

    6 Jun 2025

    583 Impressions

    4 Retweets

    14 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  13. What if we could codify expert reasoning and scale it? @seanheelan’s latest work using the O3 reasoning model led to the discovery of CVE-2025-37899—a remote Linux kernel SMB zero-day. A standout example of intelligence amplification in action. https://t.co/sIdSOu6tBg https:

    @nuroshift

    6 Jun 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. Great example of the power of @OpenAI's o3 model. o3 spotted a CVE-2025-37899, a remote zero-day use-after-free bug in the Linux kernel’s SMB (ksmbd) implementation by reasoning across12,000 lines of code. ⚙️ The Core Concepts Use-after-free appears when freed memory is

    @rohanpaul_ai

    4 Jun 2025

    3709 Impressions

    6 Retweets

    24 Likes

    12 Bookmarks

    1 Reply

    0 Quotes

  15. How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation https://t.co/64aIViHRgW #security #cybersecurity

    @eyalestrin

    2 Jun 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. chatgpt нашел уязвимость в Linux, неделю назад ⚠️ Модель o3 OpenAI обнаружила уязвимость (CVE-2025-37899) в модуле ksmbd ядра Linux была, позволяющая выполнять код на уровне я

    @warnetik

    1 Jun 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. Believe it or not, #OpenAI's o3 just uncovered a remote 0-day in the #Linux #kernel's SMB code—CVE-2025-37899. A patch has already been rolled out. https://t.co/EfMN8eHpf5

    @linuxiac

    29 May 2025

    1406 Impressions

    16 Retweets

    64 Likes

    3 Bookmarks

    1 Reply

    1 Quote

  18. AI Discovers Zero-Day Vulnerability in Linux Kernel 🚨 OpenAI's o3 model just made cybersecurity history by discovering CVE-2025-37899 - a critical zero-day vulnerability buried deep in Linux kernel's SMB implementation. What makes this groundbreaking? ✅ o3 analyzed 12,000+

    @simbianai

    29 May 2025

    52 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  19. How OpenAI’s o3 Model was used to find zeroday Vulnerability in the Linux kernel (CVE-2025-37899 for the SMB implementation) - Blog post by Sean Heelan @seanhn #LLM #Cybersecurity https://t.co/hg0JHdzfGu

    @lcheylus

    28 May 2025

    146 Impressions

    2 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. Un chercheur en sécurité a identifié la vulnérabilité CVE-2025-37899 dans le noyau Linux grâce à l’IA. 👉 https://t.co/IDLQSMPp1L 👉 La CVE : https://t.co/Zo8VF9YzRi https://t.co/CH4Oe65poV

    @bearstech

    28 May 2025

    1626 Impressions

    5 Retweets

    18 Likes

    7 Bookmarks

    0 Replies

    0 Quotes

  21. La IA demuestra su potencial en #ciberseguridad: usando OpenAI, se descubrió la vulnerabilidad zero-day CVE-2025-37899 en la implementación SMB del kernel de Linux. Los modelos de lenguaje ya pueden identificar fallos complejos y acelerar este trabajo https://t.co/j90kOG49u7 h

    @henryraul

    28 May 2025

    220 Impressions

    11 Retweets

    7 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  22. o3によるCVE-2025-37899発見の解析と解説 https://t.co/DFzmxNbMpW

    @GithubMatome

    28 May 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. 🚨 OpenAI’s new o3 model just helped spot a zero-day Linux kernel bug (CVE-2025-37899) — no tools, just code + prompts. 🔍🐧 Researcher Sean Heelan used o3 to uncover a use-after-free vulnerability with kernel-level impact. AI + cybersecurity = real-world breakthrough

    @moaijobs

    27 May 2025

    55 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. ショーン・ヒーラン氏が「OpenAI o3」を使ってLinuxカーネルサーバー「ksmbd」のゼロデイ脆弱性を発見!正式に「CVE-2025-37899」として報告される https://t.co/IjK0IryqO4 @nikkeimatomeより

    @nikkeimatome

    27 May 2025

    66 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. Zero-day vulnerability in Linux kernel SMB discovered via ChatGPT CVE-2025-37899 #UPDATE https://t.co/6OOM0uVaGw

    @JadenJohnsNews

    26 May 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. Vulnerabilidad de día cero en SMB del kernel de Linux descubierta mediante ChatGPT CVE-2025-37899 https://t.co/9cRF5dUzW3 https://t.co/epjijWu26j

    @elhackernet

    26 May 2025

    20448 Impressions

    127 Retweets

    422 Likes

    109 Bookmarks

    4 Replies

    2 Quotes

  27. Using only OpenAI’s new o3 model, researcher Sean Heelan uncovered CVE-2025-37899 — a high-risk use-after-free flaw in the Linux kernel’s ksmbd module. The AI identified the bug without any extra tools, showcasing the power of LLMs in accelerating vulnerability research. ht

    @deeptechstars

    26 May 2025

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. Artificial intelligence is helping with #cybersecurity How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation – Sean Heelan's Blog https://t.co/EM35479Ei9

    @MHiesboeck

    26 May 2025

    694 Impressions

    0 Retweets

    4 Likes

    1 Bookmark

    1 Reply

    0 Quotes

  29. OpenAI's o3 API Helps Find Linux Zero-Day Vulnerability A security researcher details how he used OpenAI's o3 API to find a zero-day vulnerability (CVE-2025-37899) in the Linux kernel's SMB implementation by analyzing code. #OpenAI #Security #Linux https://t.co/6PHf7Lw6ek

    @AI_Techie_Arun

    26 May 2025

    63 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  30. How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel's SMB implementation https://t.co/Mu2xcIgseB

    @TimCohn

    26 May 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. o3独立发现了Linux的0-day漏洞 (CVE-2025-37899) 看起来在量子计算实现之前,似乎只有实体资产和离线冷钱包是真正安全的资产,其他的数字和产权类资产都有重大风险。

    @iamai_eth

    25 May 2025

    1070 Impressions

    1 Retweet

    7 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  32. https://t.co/gx76MCZz2V - 使用OpenAI的o3模型找到Linux核心SMB實作的零日漏洞CVE-2025-37899。 - 該漏洞是SMB 'logoff'指令處理器中的Use-After-Free。 - o3成功分析並找出漏洞,展現其程式碼推理能力。 - o3也協助找到另一個相似的

    @Evan_Lin

    25 May 2025

    677 Impressions

    4 Retweets

    8 Likes

    1 Bookmark

    0 Replies

    1 Quote

  33. https://t.co/iGMVuOYh5e “How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation”

    @TheRealAdamG

    25 May 2025

    4468 Impressions

    5 Retweets

    89 Likes

    14 Bookmarks

    4 Replies

    0 Quotes

  34. How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation – Sean Heelan's Blog https://t.co/AeCCzfkZeH

    @rocky2rockz4

    25 May 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  35. #OpenAI's o3 model independently discovered a Linux kernel SMB zero-day vulnerability (CVE-2025-37899) 😱! No complex tools needed—just API code analysis, and its fix even outperformed humans 👏. A new era of AI security testing? https://t.co/j0Gqusj69w

    @dlimeng192048

    25 May 2025

    39 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  36. 最近独立研究员Seen Heelan用OpenAI的o3模型发现了Linux内核的远程零日漏洞CVE-2025-37899,还是首次由大语言模型独立发现的内核级漏洞 仅用o3的API,检查12000行代码100次就揪出了“释放后使用”漏洞,还能给出超棒的

    @daizhe9898

    25 May 2025

    63 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  37. この記事をおすすめしました "How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation" via @techfeedapp #techfeed https://t.co/elTLtQVUW9

    @yume_piece1010

    25 May 2025

    62 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  38. How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation https://t.co/FyrGqQiiln

    @yousukezan

    25 May 2025

    2528 Impressions

    1 Retweet

    13 Likes

    8 Bookmarks

    0 Replies

    0 Quotes

  39. CVE-2025-37899 revealed via O3: a significant Linux kernel SMB RCE. Real-world impact underscores O3's capability in automating complex vulnerability discovery. Expect higher scrutiny on kernel security while automated tools gain credibility. https://t.co/zX7wgRAZLv

    @0xOnlyCalls

    25 May 2025

    125 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  40. Security researcher Sean Heelan used OpenAI’s o3 model to discover a critical zero-day (CVE-2025-37899) in the Linux kernel’s SMB server. o3 flagged a race condition leading to a use-after-free bug showing how AI can now spot real, complex vulns in kernel code.

    @sharathnryn

    25 May 2025

    53 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  41. Security researcher Sean Heelan used OpenAI’s o3 model to discover a critical zero-day (CVE-2025-37899) in the Linux kernel’s SMB server. o3 flagged a race condition leading to a use-after-free bug — showing how AI can now spot real, complex vulns in kernel code.

    @sharathnryn

    25 May 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. OPENAI’S O3 UNCOVERS LINUX ZERO-DAY FLAW! A researcher used OpenAI’s o3 model to discover CVE-2025-37899, a critical remote zero-day vulnerability in the Linux kernel’s SMB, showcasing AI’s power in cybersecurity. #AI https://t.co/s0c0fXtvXT

    @ai_24x7

    25 May 2025

    52 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  43. 【ニュース速報:Tech blogs】2025-05-25 1. 私がo3を使用して、LinuxカーネルのSMB実装におけるリモートゼロデイ脆弱性CVE-2025-37899を発見した方法について説明します。 https://t.co/ndzCPyRE1X 2. f2 https://t.co/qLxDZkcxzb #T

    @Masato1864646

    25 May 2025

    41 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  44. LinuxカーネルのSMB実装にゼロデイ脆弱性(CVE-2025-37899)が発見されたんだけど、実はOpenAIのLLM「o3」が見つけたんだよ。AIが並列処理の危険なバグを人間より先に発見したってことで、セキュリティ分野に衝撃

    @techandeco4242

    25 May 2025

    82 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  45. Linux kernel vulnerability found using o3. The vulnerability CVE-2025-37899, a use-after-free in the handler for the SMB ‘logoff’ command was found by training o3. Understanding the vulnerability requires reasoning about concurrent connections to the server, and how they may

    @mukulneetika

    25 May 2025

    450 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    1 Quote

  46. 【ニュース速報:Tech blogs】2025-05-25 1. 私がo3を使用して、LinuxカーネルのSMB実装におけるリモートゼロデイ脆弱性CVE-2025-37899を見つけた方法について説明します。 https://t.co/ndzCPyRE1X 2. f2 https://t.co/qLxDZkcxzb #T

    @Masato1864646

    25 May 2025

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  47. Unlocking vulnerabilities with AI: A deep dive into how the o3 model identified CVE-2025-37899— a zero-day in Linux's SMB implementation. Key takeaways: - Methodical engineering practices and thoughtful prompt design are essential for effective vulnerability detection. - Th

    @TechRandomizer

    24 May 2025

    38 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    1 Reply

    0 Quotes

  48. この記事をおすすめしました "How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation" via @techfeedapp #techfeed https://t.co/GaqdvpFYAf

    @hossuii

    24 May 2025

    57 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  49. 2025. május 22-én Sean Hn bejelentette, hogy az OpenAI o3 modelljének segítségével egy eddig ismeretlen, távoli zeroday sebezhetőséget (CVE-2025-37899) fedezett fel a Linux-kernel SMB-implementációjában. https://t.co/qvOxzvotWS

    @PingvinBazis

    24 May 2025

    25 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  50. Jak jsem pomocí o3 nalezl CVE-2025-37899, tj. vzdálenou 0-day zranitelnost v Linuxu v SMB https://t.co/ZZLTEqJGQ3

    @abclinuxu

    24 May 2025

    141 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes