CVE-2025-71150

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ksmbd: Fix refcount leak when invalid session is found on session lookup<br /> <br /> When a session is found but its state is not SMB2_SESSION_VALID, It<br /> indicates that no valid session was found, but it is missing to decrement<br /> the reference count acquired by the session lookup, which results in<br /> a reference count leak. This patch fixes the issue by explicitly calling<br /> ksmbd_user_session_put to release the reference to the session.