Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A use-after-free vulnerability has been identified in the Linux kernel's CIFS (Common Internet File System) implementation, specifically within the DFS (Distributed File System) cache management. This vulnerability arises because DFS root sessions were being released while the DFS cache refresher was still active, leading to a use-after-free condition. The issue was detected by KASAN (Kernel Address Sanitizer), which reported a read of freed memory by a kernel worker thread processing DFS cache updates. The vulnerability has been addressed by synchronizing the lifetimes of DFS root sessions with DFS connection management, eliminating the need for mount group handling in the DFS cache.
Exploitation of this vulnerability could lead to memory corruption issues, allowing for potential arbitrary code execution or other undefined behavior in the kernel.