CVE-2025-22040

Summary

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix session use-after-free in multichannel connection

There is a race condition between session setup and ksmbd_sessions_deregister. The session can be freed before the connection is added to channel list of session. This patch check reference count of session before freeing it.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 596407adb9af1ee75fe7c7529607783d31b66e7faffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 3980770cb1470054e6400fd97668665975726737affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 9069939d762138e232a6f79e3e1462682ed6a17daffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 94c281721d4ed2d972232414b91d98a6f5bdb16baffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 7dfbd4c43eed91dd2548a95236908025707a8dfdaffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < fa4cdb8cbca7d6cb6aa13e4d8d83d1103f6345dbaffected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux6.1.134 <= 6.1.*unaffected
LinuxLinux6.6.87 <= 6.6.*unaffected
LinuxLinux6.12.23 <= 6.12.*unaffected
LinuxLinux6.13.11 <= 6.13.*unaffected
LinuxLinux6.14.2 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References