CVE-2025-21955

Summary

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: prevent connection release during oplock break notification

ksmbd_work could be freed when after connection release. Increment r_count of ksmbd_conn to indicate that requests are not finished yet and to not release the connection.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 09aeab68033161cb54f194da93e51a11aee6144baffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < a4261bbc33fbf99b99c80aa3a2c5097611802980affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < f17d1c63a76b0fe8e9c78023a86507a3a6d62cfaaffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 3aa660c059240e0c795217182cf7df32909dd917affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux6.6.84 <= 6.6.*unaffected
LinuxLinux6.12.20 <= 6.12.*unaffected
LinuxLinux6.13.8 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

References