CVE-2025-37954

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-37954

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37954.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-37954

Downstream

BELL-CVE-2025-37954

DEBIAN-CVE-2025-37954

ECHO-36dd-7d11-9e95

SUSE-SU-2025:01964-1

SUSE-SU-2025:01965-1

SUSE-SU-2025:02923-1

UBUNTU-CVE-2025-37954

USN-7699-1

USN-7699-2

USN-7721-1

USN-7775-1

Related

Published

2025-05-20T16:15:33Z

Modified

2025-08-09T20:01:27Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

smb: client: Avoid race in opencacheddir with lease breaks

A pre-existing valid cfid returned from findorcreatecacheddir might race with a lease break, meaning opencacheddir doesn't consider it valid, and thinks it's newly-constructed. This leaks a dentry reference if the allocation occurs before the queued lease break work runs.

Avoid the race by extending holding the cfidlistlock across findorcreatecacheddir and when the result is checked.

References

Affected packages