kernel: smb: client: fix potential cfid UAF in smb2_query_info_compound

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...

EUVD-2025-201625

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...

CVE-2025-40320 smb: client: fix potential cfid UAF in smb2_query_info_compound

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...

CVE-2025-40320

CVE-2025-40320 pertains to the Linux kernel CIFS smb2_query_info_compound path. The issue is a use-after-free: when smb2_query_info_compound() retries, a previously allocated cfid could be freed in the first attempt, and without resetting on replay, cleanup may operate on a stale pointer. The fix...