smb: client: fix potential UAF in smb2_close_cached_fid()

...

CVE-2025-40328

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2closecachedfid findorcreatecacheddir could grab a new reference after krefput had seen the refcount drop to zero but before cfidlistlock is acquired in smb2closecachedfid, leading to...

CVE-2025-40328

CVE-2025-40328 : In the Linux kernel, the smb client could suffer a use-after-free in smb2_close_cached_fid() due to a race where a new reference could be grabbed after kref_put() dropped to zero but before cfid_list_lock is acquired. The fix switches to kref_put_lock() so cfid_release() is calle...

EUVD-2023-36513

Malicious code in bioql PyPI...

CVE-2023-32256 Kernel: ksmbd race issue from smb2 close and logoff with multichannel

A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue...

CVE-2023-32256 Kernel: ksmbd race issue from smb2 close and logoff with multichannel

A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue...

AZL-27763 CVE-2023-32258 affecting package kernel for versions less than 5.15.135.1-2

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...

SUSE CVE-2023-32256

A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue...