CVE-2025-68226 — Improper Update of Reference Count in Linux

CWE-911 — Improper Update of Reference Count7 documents6 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 89.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 16

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix incomplete backport in cfids_invalidation_worker() The previous commit bdb596ceb4b7 ("smb: client: fix potential UAF in smb2_close_cached_fid()") was an incomplete backport and missed one kref_put() call in cfids_invalidation_worker() that should have been converted to close_cached_dir().

Affected Packages4 packages

▶Linuxlinux/linux_kernel6.17.8 — 6.17.10

▶Debianlinux/linux_kernel< 6.17.10-1

▶CVEListV5linux/linuxbdb596ceb4b7c3f28786a33840263728217fbcf5 — abd29b6e17a918fdd68352ce4813e167acc8727e+1

▶debiandebian/linux< linux 6.17.10-1 (forky)

🔴Vulnerability Details

GHSA

GHSA-gqrv-x663-5498: In the Linux kernel, the following vulnerability has been resolved: smb: client: fix incomplete backport in cfids_invalidation_worker() The previous↗2025-12-16

▶

OSV

smb: client: fix incomplete backport in cfids_invalidation_worker()↗2025-12-16

▶

OSV

CVE-2025-68226: In the Linux kernel, the following vulnerability has been resolved: smb: client: fix incomplete backport in cfids_invalidation_worker() The previous c↗2025-12-16

▶

📋Vendor Advisories

Red Hat

kernel: Linux kernel SMB client: Denial of Service due to Use-After-Free↗2025-12-16

▶

Debian

CVE-2025-68226: linux - In the Linux kernel, the following vulnerability has been resolved: smb: client...↗2025

▶

🕵️Threat Intelligence

Wiz

CVE-2025-68226 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶