CVE-2025-38711
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38711
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38711.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38711
- Downstream
- Related
- Published
- 2025-09-04T15:33:01.367Z
- Modified
- 2025-11-26T19:33:22.757264Z
- Summary
- smb/server: avoid deadlock when linking with ReplaceIfExists
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
smb/server: avoid deadlock when linking with ReplaceIfExists
If smb2createlink() is called with ReplaceIfExists set and the name does exist then a deadlock will happen.
ksmbdvfskernpathlocked() will return with success and the parent directory will be locked. ksmbdvfsremovefile() will then remove the file. ksmbdvfs_link() will then be called while the parent is still locked. It will try to lock the same parent and will deadlock.
This patch moves the ksmbdvfskernpathunlock() call to before ksmbdvfslink() and then simplifies the code, removing the file_present flag variable.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/9c3874e559580d6c6ec8d449812ac11277724770/cves/2025/38xxx/CVE-2025-38711.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/1e858a7a51c7b8b009d8f246de7ceb7743b44a71
- https://git.kernel.org/stable/c/814cfdb6358d9b84fcbec9918c8f938cc096a43a
- https://git.kernel.org/stable/c/9d5012ffe14120f978ee34aef4df3d6cb026b7c4
- https://git.kernel.org/stable/c/a726fef6d7d4cfc365d3434e3916dbfe78991a33
- https://git.kernel.org/stable/c/a7dddd62578c2eb6cb28b8835556a121b5157323
- https://git.kernel.org/stable/c/ac98d54630d5b52e3f684d872f0d82c06c418ea9
- https://git.kernel.org/stable/c/d5fc1400a34b4ea5e8f2ce296ea12bf8c8421694
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0626e6641f6b467447c81dd7678a69c66f7746cfFixed9d5012ffe14120f978ee34aef4df3d6cb026b7c4
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0626e6641f6b467447c81dd7678a69c66f7746cfFixedac98d54630d5b52e3f684d872f0d82c06c418ea9
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0626e6641f6b467447c81dd7678a69c66f7746cfFixed1e858a7a51c7b8b009d8f246de7ceb7743b44a71
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0626e6641f6b467447c81dd7678a69c66f7746cfFixed814cfdb6358d9b84fcbec9918c8f938cc096a43a
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0626e6641f6b467447c81dd7678a69c66f7746cfFixeda7dddd62578c2eb6cb28b8835556a121b5157323
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0626e6641f6b467447c81dd7678a69c66f7746cfFixeda726fef6d7d4cfc365d3434e3916dbfe78991a33
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0626e6641f6b467447c81dd7678a69c66f7746cfFixedd5fc1400a34b4ea5e8f2ce296ea12bf8c8421694
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced5.15.0Fixed5.15.190
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.149
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.103
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.43
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.15.11
- Type
- ECOSYSTEM
- Events
-
Introduced6.16.0Fixed6.16.2