CVE-2025-71150

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2_SESSION_VALID, It indicates that no valid session was found, but it is missing to decrement the reference count acquired by the session lookup, which results in a reference count leak. This patch fixes the issue by explicitly calling ksmbd_user_session_put to release the reference to the session.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/02e06785e85b4bd86ef3d23b7c8d87acc76773d5	Patch
https://git.kernel.org/stable/c/0fb87b28cafae71e9c8248432cc3a6a1fd759efc	Patch
https://git.kernel.org/stable/c/11fe566b442e3bc2774191740fd377739a87a1c0
https://git.kernel.org/stable/c/8cabcb4dd3dc85dd83a37d26efcc59a66a4074d7	Patch
https://git.kernel.org/stable/c/cafb57f7bdd57abba87725eb4e82bbdca4959644	Patch
https://git.kernel.org/stable/c/e54fb2a4772545701766cba08aab20de5eace8cd	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.13:-::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc7::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc1::::::

History

18 Apr 2026, 09:16

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/11fe566b442e3bc2774191740fd377739a87a1c0 -
Summary		(es) En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: ksmbd: Soluciona la fuga de contador de referencias cuando se encuentra una sesión inválida en la búsqueda de sesión Cuando se encuentra una sesión pero su estado no es SMB2_SESSION_VALID, indica que no se encontró ninguna sesión válida, pero falta decrementar el contador de referencias adquirido por la búsqueda de sesión, lo que resulta en una fuga de contador de referencias. Este parche soluciona el problema llamando explícitamente a ksmbd_user_session_put para liberar la referencia a la sesión.

26 Feb 2026, 20:28

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/02e06785e85b4bd86ef3d23b7c8d87acc76773d5 -~~	() https://git.kernel.org/stable/c/02e06785e85b4bd86ef3d23b7c8d87acc76773d5 - Patch
References	~~() https://git.kernel.org/stable/c/0fb87b28cafae71e9c8248432cc3a6a1fd759efc -~~	() https://git.kernel.org/stable/c/0fb87b28cafae71e9c8248432cc3a6a1fd759efc - Patch
References	~~() https://git.kernel.org/stable/c/8cabcb4dd3dc85dd83a37d26efcc59a66a4074d7 -~~	() https://git.kernel.org/stable/c/8cabcb4dd3dc85dd83a37d26efcc59a66a4074d7 - Patch
References	~~() https://git.kernel.org/stable/c/cafb57f7bdd57abba87725eb4e82bbdca4959644 -~~	() https://git.kernel.org/stable/c/cafb57f7bdd57abba87725eb4e82bbdca4959644 - Patch
References	~~() https://git.kernel.org/stable/c/e54fb2a4772545701766cba08aab20de5eace8cd -~~	() https://git.kernel.org/stable/c/e54fb2a4772545701766cba08aab20de5eace8cd - Patch
CPE		cpe:2.3:o:linux:linux_kernel:6.13:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc7:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.19:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.13:-::::::
CWE		NVD-CWE-Other
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Linux Linux linux Kernel

23 Jan 2026, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-01-23 15:16

Updated : 2026-04-18 09:16

NVD link : CVE-2025-71150

Mitre link : CVE-2025-71150

CVE.ORG link : CVE-2025-71150

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

5.5 /10