CVE-2025-37776

Summary

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix use-after-free in smb_break_all_levII_oplock()

There is a room in smb_break_all_levII_oplock that can cause racy issues when unlocking in the middle of the loop. This patch use read lock to protect whole loop.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 296cb5457cc6f4a754c4ae29855f8a253d52bcc6affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < d54ab1520d43e95f9b2e22d7a05fc9614192e5a5affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < d73686367ad68534257cd88a36ca3c52cb8b81d8affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 18b4fac5ef17f77fed9417d22210ceafd6525fc7affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux6.6.88 <= 6.6.*unaffected
LinuxLinux6.12.25 <= 6.12.*unaffected
LinuxLinux6.14.4 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

References