CVE-2025-38711
Published: Sep 4, 2025
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: smb/server: avoid deadlock when linking with ReplaceIfExists If smb2_create_link() is called with ReplaceIfExists set and the name does exist then a deadlock will happen. ksmbd_vfs_kern_path_locked() will return with success and the parent directory will be locked. ksmbd_vfs_remove_file() will then remove the file. ksmbd_vfs_link() will then be called while the parent is still locked. It will try to lock the same parent and will deadlock. This patch moves the ksmbd_vfs_kern_path_unlock() call to *before* ksmbd_vfs_link() and then simplifies the code, removing the file_present flag variable.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 0626e6641f6b467447c81dd7678a69c66f7746cf - < 9d5012ffe14120f978ee34aef4df3d6cb026b7c4affected 0626e6641f6b467447c81dd7678a69c66f7746cf - < ac98d54630d5b52e3f684d872f0d82c06c418ea9affected 0626e6641f6b467447c81dd7678a69c66f7746cf - < 1e858a7a51c7b8b009d8f246de7ceb7743b44a71affected 0626e6641f6b467447c81dd7678a69c66f7746cf - < 814cfdb6358d9b84fcbec9918c8f938cc096a43aaffected 0626e6641f6b467447c81dd7678a69c66f7746cf - < a7dddd62578c2eb6cb28b8835556a121b5157323+2 more versions |
Linux | Linux | affected 5.15unaffected 0 - < 5.15unaffected 5.15.190 - <= 5.15.*unaffected 6.1.149 - <= 6.1.*unaffected 6.6.103 - <= 6.6.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now