CVE-2025-39819
- Source
- https://cve.org/CVERecord?id=CVE-2025-39819
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39819.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-39819
- Downstream
- Related
- Published
- 2025-09-16T13:00:19.320Z
- Modified
- 2026-03-20T12:43:04.514551Z
- Summary
- fs/smb: Fix inconsistent refcnt update
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
fs/smb: Fix inconsistent refcnt update
A possible inconsistent update of refcount was identified in
smb2_compound_op. Such inconsistent update could lead to possible resource leaks.Why it is a possible bug: 1. In the comment section of the function, it clearly states that the reference to
cfileshould be dropped after calling this function. 2. Every control flow path would check and drop the reference tocfile, except the patched one. 3. Existing callers would not handle refcount update ofcfileif -ENOMEM is returned.To fix the bug, an extra goto label "out" is added, to make sure that the cleanup logic would always be respected. As the problem is caused by the allocation failure of
vars, the cleanup logic between label "finished" and "out" can be safely ignored. According to the definition of functionis_replayable_error, the error code of "-ENOMEM" is not recoverable. Therefore, the replay logic also gets ignored. - Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39819.json" }- References
-
- https://git.kernel.org/stable/c/3fc11ff13fbc2749871d6ac2141685cf54699997
- https://git.kernel.org/stable/c/4191ea1f0bb3e27d65c5dcde7bd00e709ec67141
- https://git.kernel.org/stable/c/4735f5991f51468b85affb8366b7067248457a71
- https://git.kernel.org/stable/c/ab529e6ca1f67bcf31f3ea80c72bffde2e9e053e
- https://git.kernel.org/stable/c/cc82c6dff548f0066a51a6e577c7454e7d26a968
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39819.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-39819
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda7d5c294628088781da9e91cbb034d61c3a71f71Fixed3fc11ff13fbc2749871d6ac2141685cf54699997Fixed4191ea1f0bb3e27d65c5dcde7bd00e709ec67141Fixed4735f5991f51468b85affb8366b7067248457a71Fixedcc82c6dff548f0066a51a6e577c7454e7d26a968Fixedab529e6ca1f67bcf31f3ea80c72bffde2e9e053e