CVE-2025-37954

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-37954
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37954.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-37954
Downstream
Related
Published
2025-05-20T16:15:33Z
Modified
2025-08-09T20:01:27Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

smb: client: Avoid race in opencacheddir with lease breaks

A pre-existing valid cfid returned from findorcreatecacheddir might race with a lease break, meaning opencacheddir doesn't consider it valid, and thinks it's newly-constructed. This leaks a dentry reference if the allocation occurs before the queued lease break work runs.

Avoid the race by extending holding the cfidlistlock across findorcreatecacheddir and when the result is checked.

References

Affected packages