CVE-2025-68219

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
16/12/2025
Last modified:
16/12/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

cifs: fix memory leak in smb3_fs_context_parse_param error path

Add proper cleanup of ctx->source and fc->source to the cifs_parse_mount_err error handler. This ensures that memory allocated for the source strings is correctly freed on all error paths, matching the cleanup already performed in the success path by smb3_cleanup_fs_context_contents().
Pointers are also set to NULL after freeing to prevent potential double-free issues.

This change fixes a memory leak originally detected by syzbot. The leak occurred when processing Opt_source mount options if an error happened after ctx->source and fc->source were successfully allocated but before the function completed.

The specific leak sequence was:
1. ctx->source = smb3_fs_context_fullpath(ctx, '/') allocates memory
2. fc->source = kstrdup(ctx->source, GFP_KERNEL) allocates more memory
3. A subsequent error jumps to cifs_parse_mount_err
4. The old error handler freed passwords but not the source strings, causing the memory to leak.

This issue was not addressed by commit e8c73eb7db0a ("cifs: client: fix memory leak in smb3_fs_context_parse_param"), which only fixed leaks from repeated fsconfig() calls but not this error path.

Patch updated with minor change suggested by kernel test robot
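
The leak sequence above, reproduced as a user-space C model with an allocation counter. This is an added example, not the kernel patch or any code from the cifs client: `model_ctx`, `model_fc`, `err_cleanup`, `parse_source`, the `fixed` switch and the sample strings are all hypothetical stand-ins, with `malloc`/`free` in place of the kernel allocators.

```c
#include <stdlib.h>
#include <string.h>

/* User-space model only: every struct and function name is hypothetical. */
static int live_allocs; /* allocations not yet freed */
static char *track_strdup(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p) { memcpy(p, s, n); live_allocs++; }
    return p;
}
static void track_free(char *p) { if (p) { free(p); live_allocs--; } }

struct model_ctx { char *source; char *password; };
struct model_fc  { char *source; };

/* Error handler: fixed == 0 models the old one, which freed passwords only. */
static void err_cleanup(struct model_ctx *ctx, struct model_fc *fc, int fixed)
{
    track_free(ctx->password); ctx->password = NULL;
    if (!fixed) return;
    track_free(ctx->source); ctx->source = NULL; /* NULL guards a second free */
    track_free(fc->source);  fc->source = NULL;
}

/* Steps 1-3 of the sequence: two allocations, then a later error. */
static void parse_source(struct model_ctx *ctx, struct model_fc *fc, int fixed)
{
    ctx->source = track_strdup("//server/share"); /* constructed value */
    if (ctx->source)
        fc->source = track_strdup(ctx->source);
    err_cleanup(ctx, fc, fixed); /* simulated failure after both allocations */
}

/* Returns how many allocations remain after the error path has run twice. */
static int leaked_after_error(int fixed)
{
    struct model_ctx ctx = {0};
    struct model_fc fc = {0};
    live_allocs = 0;
    ctx.password = track_strdup("constructed-secret");
    parse_source(&ctx, &fc, fixed);
    err_cleanup(&ctx, &fc, fixed); /* repeat call is a no-op on NULL pointers */
    return live_allocs;
}

/* Exit status 0 means the fixed handler left nothing allocated. */
int main(void) { return leaked_after_error(1); }
```

Calling `leaked_after_error(0)` shows the two source strings still allocated after the old handler runs; the second `err_cleanup` call models why the pointers are reset to NULL after freeing.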

Impact