Linux Kernel ksmbd r_count Decrement/Increment Mismatch Vulnerability

Vulnerability

A vulnerability in the Linux kernel's ksmbd component has been addressed, concerning an imbalance in the r_count reference counting. The issue arises because r_count is only incremented during an oplock break wait, leading to a scenario where the increments and decrements are not properly paired. This mismatch can cause r_count to become negative, potentially preventing the ksmbd thread from terminating as expected.

Impact

The reference count mismatch can cause the r_count to become negative, leading to a situation where the ksmbd thread does not terminate, potentially causing resource leaks or other unintended behavior.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ksmbd r_count Decrement/Increment Mismatch Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating