CVE-2025-38321

Summary

In the Linux kernel, the following vulnerability has been resolved:

smb: Log an error when close_all_cached_dirs fails

Under low-memory conditions, close_all_cached_dirs() can't move the dentries to a separate list to dput() them once the locks are dropped. This will result in a "Dentry still in use" error, so add an error message that makes it clear this is what happened:

[ 495.281119] CIFS: VFS: \otters.example.com\share Out of memory while dropping dentries [ 495.281595] ————[ cut here ]———— [ 495.281887] BUG: Dentry ffff888115531138{i=78,n=/} still in use (2) [unmount of cifs cifs] [ 495.282391] WARNING: CPU: 1 PID: 2329 at fs/dcache.c:1536 umount_check+0xc8/0xf0

Also, bail out of looping through all tcons as soon as a single allocation fails, since we're already in trouble, and kmalloc() attempts for subseqeuent tcons are likely to fail just like the first one did.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux73934e535cffbda1490fa97d82690a0f9aa73e94 < b8ced2b9a23a1a2c1e0ed8d0d02512e51bdf38daaffected
LinuxLinux548812afd96982a76a93ba76c0582ea670c40d9e < 43f26094d6702e494e800532c3f1606e7a68eb30affected
LinuxLinux3fa640d035e5ae526769615c35cb9ed4be6e3662 < 4479db143390bdcadc1561292aab579cdfa9f6c6affected
LinuxLinux3fa640d035e5ae526769615c35cb9ed4be6e3662 < a2182743a8b4969481f64aec4908ff162e8a206caffected
LinuxLinuxff4528bbc82d0d90073751f7b49e7b9e9c7e5638affected
LinuxLinux6.6.64 < 6.6.95affected
LinuxLinux6.12.2 < 6.12.35affected
LinuxLinux6.11.11 < 6.12affected
LinuxLinux6.13affected
LinuxLinux0 < 6.13unaffected
LinuxLinux6.6.95 <= 6.6.*unaffected
LinuxLinux6.12.35 <= 6.12.*unaffected
LinuxLinux6.15.4 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

References