CVE-2025-68817

EUVD-2026-2302
In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency

Under high concurrency, A tree-connection object (tcon) is freed on
a disconnect path while another path still holds a reference and later
executes *_put()/write on it.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
5.15.145 ≤
𝑥
< 5.15.199
linuxlinux_kernel
6.1.71 ≤
𝑥
< 6.1.160
linuxlinux_kernel
6.6.1 ≤
𝑥
< 6.6.120
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.64
linuxlinux_kernel
6.13 ≤
𝑥
< 6.18.3
linuxlinux_kernel
6.6
linuxlinux_kernel
6.6:rc5
linuxlinux_kernel
6.6:rc6
linuxlinux_kernel
6.6:rc7
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
6.1.162-1
fixed
bullseye
5.10.223-1
not-affected
bullseye (security)
5.10.249-1
fixed
forky
6.18.12-1
fixed
sid
6.18.15-1
fixed
trixie
vulnerable
trixie (security)
6.12.73-1
fixed
linux-6.1
bullseye (security)
6.1.162-1~deb11u1
fixed
Common Weakness Enumeration
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/063cbbc6f595ea36ad146e1b7d2af820894beb21
https://git.kernel.org/stable/c/21a3d01fc6db5129f81edb0ab7cb94fd758bcbea
https://git.kernel.org/stable/c/446beed646b2e426dd53d27358365f8678e1dd01
https://git.kernel.org/stable/c/b39a1833cc4a2755b02603eec3a71a85e9dff926
https://git.kernel.org/stable/c/d092de8a26c952379ded8e6b0bda31d89befac1a
https://git.kernel.org/stable/c/d64977495e44855f2b28d8ce56107c963a7a50e4