CVE-2025-68219

EPSS 0.03%
Veröffentlicht 16.12.2025 13:57:13
Zuletzt bearbeitet 18.12.2025 15:08:06
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

cifs: fix memory leak in smb3_fs_context_parse_param error path

Add proper cleanup of ctx->source and fc->source to the
cifs_parse_mount_err error handler. This ensures that memory allocated
for the source strings is correctly freed on all error paths, matching
the cleanup already performed in the success path by
smb3_cleanup_fs_context_contents().
Pointers are also set to NULL after freeing to prevent potential
double-free issues.

This change fixes a memory leak originally detected by syzbot. The
leak occurred when processing Opt_source mount options if an error
happened after ctx->source and fc->source were successfully
allocated but before the function completed.

The specific leak sequence was:
1. ctx->source = smb3_fs_context_fullpath(ctx, '/') allocates memory
2. fc->source = kstrdup(ctx->source, GFP_KERNEL) allocates more memory
3. A subsequent error jumps to cifs_parse_mount_err
4. The old error handler freed passwords but not the source strings,
causing the memory to leak.

This issue was not addressed by commit e8c73eb7db0a ("cifs: client:
fix memory leak in smb3_fs_context_parse_param"), which only fixed
leaks from repeated fsconfig() calls but not this error path.

Patch updated with minor change suggested by kernel test robot

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 7627864dc3121f39e220f5253a227edf472de59e

Version 24e0a1eff9e2b9835a6e7c17039dfb6ecfd81f1f

Status affected

Version < 48d69290270891f988e72edddd9688c20515421d

Version 24e0a1eff9e2b9835a6e7c17039dfb6ecfd81f1f

Status affected

Version < 37010021d7e0341bb241ca00bcbae31f2c50b23f

Version 24e0a1eff9e2b9835a6e7c17039dfb6ecfd81f1f

Status affected

Version < 7e4d9120cfa413dd34f4f434befc5dbe6c38b2e5

Version 24e0a1eff9e2b9835a6e7c17039dfb6ecfd81f1f

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.11

Status affected

Version < 5.11

Version 0

Status unaffected

Version <= 6.6.*

Version 6.6.118

Status unaffected

Version <= 6.12.*

Version 6.12.60

Status unaffected

Version <= 6.17.*

Version 6.17.10

Status unaffected

Version <= *

Version 6.18

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.063

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/7627864dc3121f39e220f5253a227edf472de59e

https://git.kernel.org/stable/c/48d69290270891f988e72edddd9688c20515421d

https://git.kernel.org/stable/c/37010021d7e0341bb241ca00bcbae31f2c50b23f

https://git.kernel.org/stable/c/7e4d9120cfa413dd34f4f434befc5dbe6c38b2e5

https://nvd.nist.gov/vuln/detail/CVE-2025-68219

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68219

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68219

EUVD