CVE-2025-40328
- EPSS 0.02%
- Published 09.12.2025 04:09:44
- Last modified 09.12.2025 18:37:13
- Source 416baaa9-dc9f-4396-8d5f-8c081f
In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix potential UAF in smb2_close_cached_fid()

find_or_create_cached_dir() could grab a new reference after kref_put() had seen the refcount drop to zero but before cfid_list_lock is acquired in smb2_close_cached_fid(), leading to use-after-free.

Switch to kref_put_lock() so cfid_release() is called with cfid_list_lock held, closing that gap.
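The gap described above, replayed as an added single-threaded userspace model in C (not kernel code and not part of the advisory). The struct fields, racing_lookup(), release_locked(), put_then_lock(), put_with_lock() and uaf_after() are hypothetical names, and a bool stands in for cfid_list_lock.

```c
#include <stdbool.h>
#include <stddef.h>
/* Single-threaded model; names echo the advisory, this is not kernel code. */
struct cfid { int refcount; bool on_list; bool freed; };
static bool cfid_list_lock;            /* true = held (stands in for the spinlock) */

/* Lookup side: needs the lock, refs a listed entry; NULL = had to wait or entry gone. */
static struct cfid *racing_lookup(struct cfid *c)
{
    if (cfid_list_lock || !c->on_list) return NULL;
    c->refcount++;
    return c;
}

/* Release body; the caller holds cfid_list_lock. */
static void release_locked(struct cfid *c)
{
    c->on_list = false;
    c->freed = true;                   /* the kernel would free the object here */
}

/* Before the fix: kref_put() semantics, lock taken only after the count hit 0. */
static void put_then_lock(struct cfid *c, struct cfid **got)
{
    if (--c->refcount != 0) return;
    *got = racing_lookup(c);           /* the gap: count is 0, lock not yet held */
    cfid_list_lock = true;
    release_locked(c);
    cfid_list_lock = false;
}

/* After the fix: kref_put_lock() semantics, lock held across the final put. */
static void put_with_lock(struct cfid *c, struct cfid **got)
{
    if (c->refcount > 1) { c->refcount--; return; }
    cfid_list_lock = true;
    c->refcount--;
    *got = racing_lookup(c);           /* same instant: the lookup must wait */
    release_locked(c);
    cfid_list_lock = false;
}

/* True if the racing lookup ended up holding a released object. */
static bool uaf_after(void (*put)(struct cfid *, struct cfid **))
{
    struct cfid c = { 1, true, false }, *got = NULL;
    put(&c, &got);
    return got != NULL && got->freed;
}
int main(void) { return (uaf_after(put_then_lock) && !uaf_after(put_with_lock)) ? 0 : 1; }
```

In the model the lookup that would block on the lock simply returns NULL; in a real system it would proceed after the release and find the entry no longer on the list.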
Linked by AI from unstructured data to existing CPEs in the NVD.
Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Linux ≫ Product: Linux
Default status: unaffected

| Version | Version bound | Status |
|---|---|---|
| ebe98f1447bbccf8228335c62d86af02a0ed23f7 | < cb52d9c86d70298de0ab7c7953653898cbc0efd6 | affected |
| ebe98f1447bbccf8228335c62d86af02a0ed23f7 | < 065bd62412271a2d734810dd50336cae88c54427 | affected |
| ebe98f1447bbccf8228335c62d86af02a0ed23f7 | < bdb596ceb4b7c3f28786a33840263728217fbcf5 | affected |
| ebe98f1447bbccf8228335c62d86af02a0ed23f7 | < 734e99623c5b65bf2c03e35978a0b980ebc3c2f8 | affected |

Vendor: Linux ≫ Product: Linux
Default status: affected

| Version | Version bound | Status |
|---|---|---|
| 6.1 | | affected |
| 0 | < 6.1 | unaffected |
| 6.6.117 | <= 6.6.* | unaffected |
| 6.12.58 | <= 6.12.* | unaffected |
| 6.17.8 | <= 6.17.* | unaffected |
| 6.18 | <= * | unaffected |

| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.036 |

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|