Primary

Context

Linux Kernel ksmbd Memory Leak Vulnerability in smb2_lock Function

Vulnerability

Patched

A memory leak vulnerability has been identified in the Linux kernel's ksmbd component, specifically within the smb2_lock function. This issue arises because the 'argv' variable is not properly freed when the setup_async_work function fails or when the current process is awakened. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability can lead to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Remediation

Users can upgrade to the latest version of the Linux kernel stable tree to address this vulnerability.

Added: Dec 30, 2025, 12:19 PM

Updated: Dec 30, 2025, 12:19 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

1.8

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

1.8

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ksmbd Memory Leak Vulnerability in smb2_lock Function

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating