CVE-2025-71150

EPSS 0.02%
Veröffentlicht 23.01.2026 14:15:16
Zuletzt bearbeitet 26.01.2026 15:03:51
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: Fix refcount leak when invalid session is found on session lookup

When a session is found but its state is not SMB2_SESSION_VALID, It
indicates that no valid session was found, but it is missing to decrement
the reference count acquired by the session lookup, which results in
a reference count leak. This patch fixes the issue by explicitly calling
ksmbd_user_session_put to release the reference to the session.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 8

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 0fb87b28cafae71e9c8248432cc3a6a1fd759efc

Version 37a0e2b362b3150317fb6e2139de67b1e29ae5ff

Status affected

Version < e54fb2a4772545701766cba08aab20de5eace8cd

Version 450a844c045ff0895d41b05a1cbe8febd1acfcfd

Status affected

Version < 02e06785e85b4bd86ef3d23b7c8d87acc76773d5

Version a39e31e22a535d47b14656a7d6a893c7f6cf758c

Status affected

Version < 8cabcb4dd3dc85dd83a37d26efcc59a66a4074d7

Version b95629435b84b9ecc0c765995204a4d8a913ed52

Status affected

Version < cafb57f7bdd57abba87725eb4e82bbdca4959644

Version b95629435b84b9ecc0c765995204a4d8a913ed52

Status affected

Version 2107ab40629aeabbec369cf34b8cf0f288c3eb1b

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.13

Status affected

Version < 6.13

Version 0

Status unaffected

Version <= 6.1.*

Version 6.1.160

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.64

Status unaffected

Version <= 6.18.*

Version 6.18.3

Status unaffected

Version <= *

Version 6.19-rc2

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.056

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/0fb87b28cafae71e9c8248432cc3a6a1fd759efc

https://git.kernel.org/stable/c/e54fb2a4772545701766cba08aab20de5eace8cd

https://git.kernel.org/stable/c/02e06785e85b4bd86ef3d23b7c8d87acc76773d5

https://git.kernel.org/stable/c/8cabcb4dd3dc85dd83a37d26efcc59a66a4074d7

https://git.kernel.org/stable/c/cafb57f7bdd57abba87725eb4e82bbdca4959644

https://nvd.nist.gov/vuln/detail/CVE-2025-71150

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-71150

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-71150

EUVD