CVE-2025-68809Linux vulnerability

14 documents7 sources
Severity
6.4MEDIUM
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
13
LinuxLinux KernelDebian Linux+10 more
Timeline
PublishedJan 13
Latest updateApr 17

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on m_flags in vfs_cache ksmbd maintains delete-on-close and pending-delete state in ksmbd_inode->m_flags. In vfs_cache.c this field is accessed under inconsistent locking: some paths read and modify m_flags under ci->m_lock while others do so without taking the lock at all. Examples: - ksmbd_query_inode_status() and __ksmbd_inode_close() use ci->m_lock when checking or updating m_flags. - ksmbd_inode_pen

Affected Packages14 packages

Linuxlinux/linux_kernel5.15.06.6.120+2
Debianlinux/linux_kernel< 6.12.69-1+1
CVEListV5linux/linuxf44158485826c076335d6860d35872271a83791d5adad9727a815c26013b0d41cfee92ffa7d4037c+4
debiandebian/linux< linux 6.18.3-1 (forky)

🔴Vulnerability Details

3
OSV
ksmbd: vfs: fix race on m_flags in vfs_cache2026-01-13
GHSA
GHSA-ffpf-rf35-3fhq: In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on m_flags in vfs_cache ksmbd maintains delete-on-close and2026-01-13
OSV
CVE-2025-68809: In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on m_flags in vfs_cache ksmbd maintains delete-on-close and p2026-01-13

📋Vendor Advisories

9
Ubuntu
Linux kernel (GCP) vulnerabilities2026-04-17
Ubuntu
Linux kernel (FIPS) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel (NVIDIA) vulnerabilities2026-04-17

🕵️Threat Intelligence

1
Wiz
CVE-2025-68809 Impact, Exploitability, and Mitigation Steps | Wiz