Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Refcount Leak Vulnerability in SMB2 Session Setup

Vulnerability

A reference count leak vulnerability has been identified in the Linux kernel's SMB2 session setup process. This issue occurs when a session needs to reconnect, leading to a leak in the reference count of the 'ksmbd_session'. The vulnerability has been addressed by adding a missing function call to properly release the session reference. The fix is available in the Linux kernel stable tree.

Impact

Exploitation of this vulnerability could lead to a reference count leak, potentially causing memory management issues such as use-after-free vulnerabilities.

Reproduction

The vulnerability can be reproduced by initiating an SMB2 session that requires reconnection. This will cause the reference count of the 'ksmbd_session' to leak, as the session is not properly released before the reconnection process.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: Dec 6, 2025, 10:23 PM
Updated: Dec 6, 2025, 10:23 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
5.7
remediation
7.7
relevance
1.3
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.