Linux Kernel Refcount Leak Vulnerability in 9p Network Component

Vulnerability

A refcount leak vulnerability has been identified in the Linux kernel's 9p network component. The issue arises in the error handling of the p9_read_work() function, where the p9_req_put() function needs to be called when the request's response data is NULL. Failure to do so results in a temporary reference count leak.

Impact

Exploitation of this vulnerability leads to a temporary reference count leak, which can potentially be exploited to cause a use-after-free condition.

Added: Jun 18, 2025, 4:49 PM

Updated: Jun 18, 2025, 4:49 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Refcount Leak Vulnerability in 9p Network Component

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating