7.8

CVE-2025-71220

smb/server: call ksmbd_session_rpc_close() on error path in create_smb2_pipe()

In the Linux kernel, the following vulnerability has been resolved:

smb/server: call ksmbd_session_rpc_close() on error path in create_smb2_pipe()

When ksmbd_iov_pin_rsp() fails, we should call ksmbd_session_rpc_close().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15.145 < 5.15.200
LinuxLinux Kernel Version >= 6.1.71 < 6.1.163
LinuxLinux Kernel Version >= 6.6 < 6.6.124
LinuxLinux Kernel Version >= 6.7 < 6.12.70
LinuxLinux Kernel Version >= 6.13 < 6.18.10
LinuxLinux Kernel Version6.19 Updaterc1
LinuxLinux Kernel Version6.19 Updaterc2
LinuxLinux Kernel Version6.19 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.029
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/a2c68e256fb7a4ac34154c6e865a1389acca839f
Patch
https://git.kernel.org/stable/c/2b7b4df87fe6f2db6ee45f475de6b37b8b8e5d29
Patch
https://git.kernel.org/stable/c/04dd114b682a4ccaeba2c2bad049c8b50ce740d8
Patch
https://git.kernel.org/stable/c/ac18761b530b5dd40f59af8a25902282e5512854
Patch
https://git.kernel.org/stable/c/fdda836fcee6fdbcccc24e3679097efb583f581f
Patch
https://git.kernel.org/stable/c/7c28f8eef5ac5312794d8a52918076dcd787e53b
Patch