CVE-2025-40268
Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 06/12/2025
Last modified: 06/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

cifs: client: fix memory leak in smb3_fs_context_parse_param

The user calls fsconfig twice, but when the program exits, free() only
frees ctx->source for the second fsconfig, not the first.
Regarding fc->source, there is no code in the fs context related to its
memory reclamation.

To fix this memory leak, release the source memory corresponding to ctx
or fc before each parsing.

syzbot reported:
BUG: memory leak
unreferenced object 0xffff888128afa360 (size 96):
backtrace (crc 79c9c7ba):
kstrdup+0x3c/0x80 mm/util.c:84
smb3_fs_context_parse_param+0x229b/0x36c0 fs/smb/client/fs_context.c:1444

BUG: memory leak
unreferenced object 0xffff888112c7d900 (size 96):
backtrace (crc 79c9c7ba):
smb3_fs_context_fullpath+0x70/0x1b0 fs/smb/client/fs_context.c:629
smb3_fs_context_parse_param+0x2266/0x36c0 fs/smb/client/fs_context.c:1438
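
The pattern described above, as an added userspace model (not the kernel source or the upstream patch): a "source" parameter is parsed twice, and the strings from the first parse are orphaned unless they are released before the second. The names `model_fc`, `pool_dup`, `pool_free`, `parse_source` and `leaked_after` are hypothetical, the input strings are constructed, and the model assumes teardown frees only the pointers stored at that moment.

```c
#include <stdio.h>
#include <string.h>

/* Userspace model with hypothetical names; not the kernel's structures. */
struct model_fc { char *source, *ctx_source; }; /* fc->source, ctx->source */
static char pool[8][64];        /* toy allocator: slot i is live if used[i] */
static int used[8];

static char *pool_dup(const char *s)
{
    for (int i = 0; i < 8; i++)
        if (!used[i]) { used[i] = 1; return strncpy(pool[i], s, 63); }
    return NULL;
}
static void pool_free(char *p)
{
    for (int i = 0; p && i < 8; i++)
        if (p == pool[i]) used[i] = 0;
}

/* Handle one "source" parameter; release_old selects the fixed behaviour. */
static int parse_source(struct model_fc *fc, const char *val, int release_old)
{
    if (release_old) {          /* the fix: release both old strings first */
        pool_free(fc->ctx_source);
        pool_free(fc->source);
    }
    fc->ctx_source = pool_dup(val);
    fc->source = fc->ctx_source ? pool_dup(val) : NULL;
    return fc->source ? 0 : -1;
}

/* Set "source" twice, tear down, then count slots nothing points to. */
static int leaked_after(int release_old)
{
    struct model_fc fc = { NULL, NULL };
    int leaked = 0;
    parse_source(&fc, "//srv.example/one", release_old); /* constructed input */
    parse_source(&fc, "//srv.example/two", release_old);
    pool_free(fc.ctx_source);   /* teardown only sees the current pointers */
    pool_free(fc.source);
    for (int i = 0; i < 8; i++) { leaked += used[i]; used[i] = 0; }
    return leaked;
}

int main(void)
{
    printf("unfixed=%d fixed=%d\n", leaked_after(0), leaked_after(1));
    return 0;
}
```

In the unfixed mode the two strings from the first parse stay allocated with no pointer left to them, one per field; releasing them before each parse brings the count to zero.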



