CVE-2025-40285

Published: Dec 6, 2025

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible refcount leak in smb2_sess_setup() Reference count of ksmbd_session will leak when session need reconnect. Fix this by adding the missing ksmbd_user_session_put().

Vendor	Product	Versions
Linux	Linux	affected `37a0e2b362b3150317fb6e2139de67b1e29ae5ff - < 6fc935f798d44a8eb8a5e6659198399fbf57b981` affected `450a844c045ff0895d41b05a1cbe8febd1acfcfd - < e671f9bb97805771380c98de944e2ceab6949188` affected `a39e31e22a535d47b14656a7d6a893c7f6cf758c - < dcc51dfe6ff26b52cac106865a172ac982d78401` affected `b95629435b84b9ecc0c765995204a4d8a913ed52 - < d37b2c81c83d6c0d5ca582f4fe73c672983f9e0d` affected `b95629435b84b9ecc0c765995204a4d8a913ed52 - < 379510a815cb2e64eb0a379cb62295d6ade65df0` +5 more versions
Linux	Linux	affected `6.13` unaffected `0 - < 6.13` unaffected `6.1.159 - <= 6.1.` unaffected `6.6.117 - <= 6.6.` unaffected `6.12.59 - <= 6.12.*` +2 more versions

References

https://git.kernel.org/stable/c/6fc935f798d44a8eb8a5e6659198399fbf57b981

https://git.kernel.org/stable/c/e671f9bb97805771380c98de944e2ceab6949188

https://git.kernel.org/stable/c/dcc51dfe6ff26b52cac106865a172ac982d78401

https://git.kernel.org/stable/c/d37b2c81c83d6c0d5ca582f4fe73c672983f9e0d

https://git.kernel.org/stable/c/379510a815cb2e64eb0a379cb62295d6ade65df0

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-40285

Description

Affected Products

References