CVE-2025-39720 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix refcount leak causing resource not released

When ksmbd_conn_releasing(opinfo->conn) returns true,the refcount was not
decremented properly, causing a refcount leak that prevents the count from
reaching zero and the memory from being released.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/36e010bb865fbaa1202fe9bcce3fd486d6db7606
https://git.kernel.org/stable/c/89bb430f621124af39bb31763c4a8b504c9651e2
https://git.kernel.org/stable/c/9a7abce6e8c0e2145b346a6d4abf0d9655e9b0e8
https://git.kernel.org/stable/c/a1d2bab4d53368a526c97aba92671dd71814f95a

History

Fri, 05 Sep 2025 17:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix refcount leak causing resource not released When ksmbd_conn_releasing(opinfo->conn) returns true,the refcount was not decremented properly, causing a refcount leak that prevents the count from reaching zero and the memory from being released.
Title		ksmbd: fix refcount leak causing resource not released
References		https://git.kernel.org/stable/c/36e010bb865fbaa1202fe9bcce3fd486d6db7606 https://git.kernel.org/stable/c/89bb430f621124af39bb31763c4a8b504c9651e2 https://git.kernel.org/stable/c/9a7abce6e8c0e2145b346a6d4abf0d9655e9b0e8 https://git.kernel.org/stable/c/a1d2bab4d53368a526c97aba92671dd71814f95a

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-05T17:21:28.060Z

Updated: 2025-09-05T17:21:28.060Z

Reserved: 2025-04-16T07:20:57.117Z

Link: CVE-2025-39720

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-05T18:15:49.643

Modified: 2025-09-05T18:15:49.643

Link: CVE-2025-39720

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-39720", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.117Z", "datePublished": "2025-09-05T17:21:28.060Z", "dateUpdated": "2025-09-05T17:21:28.060Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-05T17:21:28.060Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix refcount leak causing resource not released\n\nWhen ksmbd_conn_releasing(opinfo->conn) returns true,the refcount was not\ndecremented properly, causing a refcount leak that prevents the count from\nreaching zero and the memory from being released."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/smb/server/oplock.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "a1d2bab4d53368a526c97aba92671dd71814f95a", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "36e010bb865fbaa1202fe9bcce3fd486d6db7606", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "9a7abce6e8c0e2145b346a6d4abf0d9655e9b0e8", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "89bb430f621124af39bb31763c4a8b504c9651e2", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/smb/server/oplock.c"], "versions": [{"version": "6.6.103", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.44", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.4", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17-rc3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.6.103"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.12.44"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.16.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.17-rc3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/a1d2bab4d53368a526c97aba92671dd71814f95a"}, {"url": "https://git.kernel.org/stable/c/36e010bb865fbaa1202fe9bcce3fd486d6db7606"}, {"url": "https://git.kernel.org/stable/c/9a7abce6e8c0e2145b346a6d4abf0d9655e9b0e8"}, {"url": "https://git.kernel.org/stable/c/89bb430f621124af39bb31763c4a8b504c9651e2"}], "title": "ksmbd: fix refcount leak causing resource not released", "x_generator": {"engine": "bippy-1.2.0"}}}}