CVE-2025-37899 PoC — ksmbd: fix use-after-free in session logoff

Associated Vulnerability
Title: ksmbd: fix use-after-free in session logoff (CVE-2025-37899)
Description: In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix use-after-free in session logoff

The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being free'd. The handler for that connection could be in the smb2_sess_setup function which makes use of sess->user.
Description
Artefacts for blog post on finding CVE-2025-37899 with o3
Readme
This is the artefact repository associated with my blog post [How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation](https://sean.heelan.io/2025/05/22/how-i-used-o3-to-find-cve-2025-37899-a-remote-zeroday-vulnerability-in-the-linux-kernels-smb-implementation/). See that post for details. 
File Snapshot

[4.0K] /data/pocs/48e99ca9208a9c6756b88eb95a4aee2141db2510
├── [ 213] audit_request.prompt
├── [7.5K] claude_3_7_finds_CVE-2025-37778.txt
├── [1.2K] ksmbd_explainer.prompt
├── [4.0K] o3_finds_CVE-2025-37778.txt
├── [ 348] README.md
├── [ 98K] session_setup_code.prompt
├── [ 552] session_setup_context_explainer.prompt
└── [1.9K] system_prompt_uafs.prompt

0 directories, 8 files