CVE-2025-37962
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-37962
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37962.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-37962
- Downstream
- Related
- Published
- 2025-05-20T16:15:34Z
- Modified
- 2025-08-13T00:00:22Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix memory leak in parseleasestate()
The previous patch that added bounds check for create lease context introduced a memory leak. When the bounds check fails, the function returns NULL without freeing the previously allocated leasectxinfo structure.
This patch fixes the issue by adding kfree(lreq) before returning NULL in both boundary check cases.
- References
-
- https://git.kernel.org/stable/c/2148d34371b06dac696c0497a98a6bf905a51650
- https://git.kernel.org/stable/c/829e19ef741d9e9932abdc3bee5466195e0852cf
- https://git.kernel.org/stable/c/af9e2d4732a548db8f6f5a90c2c20a789a3d7240
- https://git.kernel.org/stable/c/eb4447bcce915b43b691123118893fca4f372a8f
- https://git.kernel.org/stable/c/facf22c1a394c1e023dab5daf9a494f722771e1c