Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_close_cached_fid() find_or_create_cached_dir() could grab a new reference after kref_put() had seen the refcount drop to zero but before cfid_list_lock is acquired in smb2_close_cached_fid(), leading to use-after-free. Switch to kref_put_lock() so cfid_release() is called with cfid_list_lock held, closing that gap.

INFO

Published Date :

2025-12-09T04:09:44.876Z

Last Modified :

2025-12-09T04:09:44.876Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-40328 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-40328.

URL Resource
https://git.kernel.org/stable/c/065bd62412271a2d734810dd50336cae88c54427 cve-icon cve-icon
https://git.kernel.org/stable/c/734e99623c5b65bf2c03e35978a0b980ebc3c2f8 cve-icon cve-icon
https://git.kernel.org/stable/c/bdb596ceb4b7c3f28786a33840263728217fbcf5 cve-icon cve-icon
https://git.kernel.org/stable/c/cb52d9c86d70298de0ab7c7953653898cbc0efd6 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025120909-CVE-2025-40328-a95b@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-40328 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-40328 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact