CVE-2025-39720

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix refcount leak causing resource not released

When ksmbd_conn_releasing(opinfo->conn) returns true,the refcount was not
decremented properly, causing a refcount leak that prevents the count from
reaching zero and the memory from being released.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
not-affected
bullseye (security)
5.10.244-1
fixed
bookworm
vulnerable
bookworm (security)
vulnerable
trixie
vulnerable
trixie (security)
6.12.48-1
fixed
forky
6.16.9-1
fixed
sid
6.16.12-2
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/36e010bb865fbaa1202fe9bcce3fd486d6db7606
https://git.kernel.org/stable/c/89bb430f621124af39bb31763c4a8b504c9651e2
https://git.kernel.org/stable/c/9a7abce6e8c0e2145b346a6d4abf0d9655e9b0e8
https://git.kernel.org/stable/c/a1d2bab4d53368a526c97aba92671dd71814f95a