5.5

CVE-2025-21944

ksmbd: fix bug on trap in smb2_lock

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix bug on trap in smb2_lock

If lock count is greater than 1, flags could be old value.
It should be checked with flags of smb_lock, not flags.
It will cause bug-on trap from locks_free_lock in error handling
routine.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15 < 6.1.131
LinuxLinux Kernel Version >= 6.2 < 6.6.83
LinuxLinux Kernel Version >= 6.7 < 6.12.19
LinuxLinux Kernel Version >= 6.13 < 6.13.7
LinuxLinux Kernel Version6.14 Updaterc1
LinuxLinux Kernel Version6.14 Updaterc2
LinuxLinux Kernel Version6.14 Updaterc3
LinuxLinux Kernel Version6.14 Updaterc4
LinuxLinux Kernel Version6.14 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.04
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

https://git.kernel.org/stable/c/11e0e74e14f1832a95092f2c98ed3b99f57797ee
Patch
https://git.kernel.org/stable/c/2b70e3ac79eacbdf32571f7af48dd81cdd957ca8
Patch
https://git.kernel.org/stable/c/8994f0ce8259f812b4f4a681d8298c6ff682efaa
Patch
https://git.kernel.org/stable/c/dbcd7fdd86f77529210fe8978154a81cd479844c
Patch
https://git.kernel.org/stable/c/e26e2d2e15daf1ab33e0135caf2304a0cfa2744b
Patch
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html