CVE-2025-40285

Published: December 9, 2025Last modified: June 24, 2026

Description

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible refcount leak in smb2_sess_setup() Reference count of ksmbd_session will leak when session need reconnect. Fix this by adding the missing ksmbd_user_session_put().

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSlinux-ltsFixed (6.1.159-r0)
25 LTSlinux-ltsNot affected (6.6.89-r0)
Streamlinux-ltsFixed (6.18.35-r1)

References

ON THIS PAGE