CVE-2025-40328

smb: client: fix potential UAF in smb2_close_cached_fid()

References

Notes

 carnil> Introduced in ebe98f1447bb ("cifs: enable caching of directories for which a
 carnil> lease is held"). Vulnerable versions: 6.1.

Bugs

Status

Branch Status
upstream released (6.18-rc5) [734e99623c5b65bf2c03e35978a0b980ebc3c2f8]
6.18-upstream-stable N/A "Fixed before branching point"
6.17-upstream-stable released (6.17.8) [bdb596ceb4b7c3f28786a33840263728217fbcf5]
6.12-upstream-stable released (6.12.58) [065bd62412271a2d734810dd50336cae88c54427]
6.6-upstream-stable released (6.6.117) [cb52d9c86d70298de0ab7c7953653898cbc0efd6]
6.1-upstream-stable needed
5.10-upstream-stable N/A "Vulnerable code not present"
sid released (6.17.8-1)
6.12-trixie-security released (6.12.63-1)
6.1-bookworm-security needed
5.10-bullseye-security N/A "Vulnerable code not present"