5.5

CVE-2025-71150

ksmbd: Fix refcount leak when invalid session is found on session lookup

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: Fix refcount leak when invalid session is found on session lookup

When a session is found but its state is not SMB2_SESSION_VALID, It
indicates that no valid session was found, but it is missing to decrement
the reference count acquired by the session lookup, which results in
a reference count leak. This patch fixes the issue by explicitly calling
ksmbd_user_session_put to release the reference to the session.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15.176 < 5.16
LinuxLinux Kernel Version >= 6.1.121 < 6.1.160
LinuxLinux Kernel Version >= 6.6.67 < 6.6.120
LinuxLinux Kernel Version >= 6.12.6 < 6.12.64
LinuxLinux Kernel Version >= 6.13.1 < 6.18.3
LinuxLinux Kernel Version6.13 Update-
LinuxLinux Kernel Version6.13 Updaterc3
LinuxLinux Kernel Version6.13 Updaterc4
LinuxLinux Kernel Version6.13 Updaterc5
LinuxLinux Kernel Version6.13 Updaterc6
LinuxLinux Kernel Version6.13 Updaterc7
LinuxLinux Kernel Version6.19 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.02
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/0fb87b28cafae71e9c8248432cc3a6a1fd759efc
Patch
https://git.kernel.org/stable/c/e54fb2a4772545701766cba08aab20de5eace8cd
Patch
https://git.kernel.org/stable/c/02e06785e85b4bd86ef3d23b7c8d87acc76773d5
Patch
https://git.kernel.org/stable/c/8cabcb4dd3dc85dd83a37d26efcc59a66a4074d7
Patch
https://git.kernel.org/stable/c/cafb57f7bdd57abba87725eb4e82bbdca4959644
Patch
https://git.kernel.org/stable/c/11fe566b442e3bc2774191740fd377739a87a1c0