2 matches found
Linux kernel cifs_put_tcp_session function resource management error vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a resource management error vulnerability that stems from the fact that the cifsputtcpsession function may still be attempting to reconnect to a D...
CVE-2025-21673
CVE-2025-21673 affects the Linux kernel CIFS/SMB client logic. The flaw is a double free of TCP_Server_Info::hostname during server shutdown in cifs_put_tcp_session(), where cifsd threads reconnect to multiple DFS targets and may still hold server->hostname, risking use-after-free or kernel in...