5.5

CVE-2025-21955

ksmbd: prevent connection release during oplock break notification

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: prevent connection release during oplock break notification

ksmbd_work could be freed when after connection release.
Increment r_count of ksmbd_conn to indicate that requests
are not finished yet and to not release the connection.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15 < 6.6.84
LinuxLinux Kernel Version >= 6.7 < 6.12.20
LinuxLinux Kernel Version >= 6.13 < 6.13.8
LinuxLinux Kernel Version6.14 Updaterc1
LinuxLinux Kernel Version6.14 Updaterc2
LinuxLinux Kernel Version6.14 Updaterc3
LinuxLinux Kernel Version6.14 Updaterc4
LinuxLinux Kernel Version6.14 Updaterc5
LinuxLinux Kernel Version6.14 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.086
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/09aeab68033161cb54f194da93e51a11aee6144b
Patch
https://git.kernel.org/stable/c/3aa660c059240e0c795217182cf7df32909dd917
Patch
https://git.kernel.org/stable/c/a4261bbc33fbf99b99c80aa3a2c5097611802980
Patch
https://git.kernel.org/stable/c/f17d1c63a76b0fe8e9c78023a86507a3a6d62cfa
Patch