CVE-2025-40328

NONE EPSS 9.0%

Published Dec 9, 20256mo ago · Modified Jun 17, 20261w ago

Published Dec 9, 2025 6mo ago

Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_close_cached_fid() find_or_create_cached_dir() could grab a new reference after kref_put() had seen the refcount drop to zero but before cfid_list_lock is acquired in smb2_close_cached_fid(), leading to use-after-free. Switch to kref_put_lock() so cfid_release() is called with cfid_list_lock held, closing that gap.

Threat Intelligence

EPSS Exploit Probability

9.0% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

References 4

git.kernel.org https://git.kernel.org/stable/c/065bd62412271a2d734810dd50336cae88c54427
git.kernel.org https://git.kernel.org/stable/c/734e99623c5b65bf2c03e35978a0b980ebc3c2f8
git.kernel.org https://git.kernel.org/stable/c/bdb596ceb4b7c3f28786a33840263728217fbcf5
git.kernel.org https://git.kernel.org/stable/c/cb52d9c86d70298de0ab7c7953653898cbc0efd6

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.