CVE-2025-21945

Published: Apr 1, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb2_lock If smb_lock->zero_len has value, ->llist of smb_lock is not delete and flock is old one. It will cause use-after-free on error handling routine.

Vendor	Product	Versions
Linux	Linux	affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 410ce35a2ed6d0e114132bba29af49b69880c8c7` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 8573571060ca466cbef2c6f03306b2cc7b883506` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < a0609097fd10d618aed4864038393dd75131289e` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 636e021646cf9b52ddfea7c809b018e91f2188cb` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 84d2d1641b71dec326e8736a749b7ee76a9599fc`
Linux	Linux	affected `5.15` unaffected `0 - < 5.15` unaffected `6.1.131 - <= 6.1.` unaffected `6.6.83 - <= 6.6.` unaffected `6.12.19 - <= 6.12.*` +2 more versions

References

https://git.kernel.org/stable/c/410ce35a2ed6d0e114132bba29af49b69880c8c7

https://git.kernel.org/stable/c/8573571060ca466cbef2c6f03306b2cc7b883506

https://git.kernel.org/stable/c/a0609097fd10d618aed4864038393dd75131289e

https://git.kernel.org/stable/c/636e021646cf9b52ddfea7c809b018e91f2188cb

https://git.kernel.org/stable/c/84d2d1641b71dec326e8736a749b7ee76a9599fc

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-21945

Description

Affected Products

References