CVE-2025-21967

HIGH

Linux Kernel 5.15-6.6.83, 6.7-6.12.19, 6.13-6.13.7 - Use-After-Free in ksmbd_free_work_struct

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbd_free_work_struct ->interim_entry of ksmbd_work could be deleted after oplock is freed. We don't need to manage it with linked list. The interim request could be immediately sent whenever a oplock break wait is needed.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/fb776765bfc21d5e4ed03bb3d4406c2b86ff1ac3

Patch

https://git.kernel.org/stable/c/62746ae3f5414244a96293e3b017be637b641280

Patch

https://git.kernel.org/stable/c/eb51f6f59d19b92f6fe84d3873f958495ab32f0a

Patch

https://git.kernel.org/stable/c/bb39ed47065455604729404729d9116868638d31

Scores

CVSS v3 7.8

EPSS 0.0017

EPSS Percentile 6.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-416

Status published

Products (15)

linux/Kernel 5.15.0 - 6.6.84linux

linux/Kernel 6.13.0 - 6.13.8linux

linux/Kernel 6.7.0 - 6.12.20linux

Linux/Linux < 5.15

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - 62746ae3f5414244a96293e3b017be637b641280

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - bb39ed47065455604729404729d9116868638d31

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - eb51f6f59d19b92f6fe84d3873f958495ab32f0a

Linux/Linux 0626e6641f6b467447c81dd7678a69c66f7746cf - fb776765bfc21d5e4ed03bb3d4406c2b86ff1ac3

Linux/Linux 5.15

Linux/Linux 6.12.20 - 6.12.*

... and 5 more

Published Apr 01, 2025

Tracked Since Feb 18, 2026