Linux Kernel CIFS XID Leak Vulnerability in cifs_create Function

Vulnerability

A vulnerability in the Linux kernel's CIFS (Common Internet File System) implementation has been identified, specifically in the cifs_create function. This vulnerability involves an XID (transaction ID) leak that occurs when CIFS is already shut down. In such cases, the XID should be freed before the function returns; otherwise, it will be leaked. The issue has been addressed in the Linux kernel stable tree.

Impact

The vulnerability leads to a resource leak, where transaction IDs are not properly freed, potentially causing memory management issues.

Reproduction

To reproduce this vulnerability, the CIFS filesystem must be unmounted or shut down, creating a scenario where operations that require a valid transaction ID can inadvertently cause a leak by failing to release the ID properly. This can be observed by monitoring the transaction ID management within the CIFS implementation.
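The leak described above can be shown with a small user-space model. This is an added example, not code from the kernel or from the fix: all function and struct names are hypothetical, the -EIO error code is an assumption, and the counter stands in for the "monitoring the transaction ID management" step.

```c
/* User-space model of the leak pattern; every name here is hypothetical. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
static int active_xids;                 /* XIDs taken and not yet freed */
static unsigned int model_get_xid(void) { static unsigned int next; active_xids++; return ++next; }
static void model_free_xid(unsigned int xid) { (void)xid; active_xids--; }
struct model_fs { bool shut_down; };
/* Leaky shape: the shutdown check returns after the XID was taken. */
static int create_leaky(const struct model_fs *fs)
{
    unsigned int xid = model_get_xid();
    if (fs->shut_down)
        return -EIO;        /* assumed error code; xid is never freed */
    /* ... the create operation itself would run here ... */
    model_free_xid(xid);
    return 0;
}

/* Fixed shape: the shutdown path leaves through the shared cleanup label. */
static int create_fixed(const struct model_fs *fs)
{
    unsigned int xid = model_get_xid();
    int rc = 0;
    if (fs->shut_down) {
        rc = -EIO;          /* assumed error code */
        goto out_free_xid;
    }
out_free_xid:
    model_free_xid(xid);
    return rc;
}

/* Outstanding XIDs left behind by n create calls on a shut-down filesystem. */
static int leaked_after(int (*create)(const struct model_fs *), int n)
{
    struct model_fs fs = { .shut_down = true };
    int before = active_xids;
    for (int i = 0; i < n; i++)
        (void)create(&fs);
    return active_xids - before;
}

int main(void)
{
    printf("leaky: %d\n", leaked_after(create_leaky, 100));
    printf("fixed: %d\n", leaked_after(create_fixed, 100));
    return 0;
}
```

In the leaky shape the outstanding count grows by one for every create attempted after shutdown, while the fixed shape returns the same error and leaves the count unchanged.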

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for upgrading the Linux kernel can be found in the official Linux documentation.

Added: Sep 16, 2025, 6:17 PM
Updated: Sep 16, 2025, 6:17 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.