CVE-2025-68295

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-68295
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68295.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-68295
Downstream
Related
Published
2025-12-16T15:06:14.977Z
Modified
2026-03-20T17:44:17.043919Z
Summary
smb: client: fix memory leak in cifs_construct_tcon()
Details

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix memory leak in cifsconstructtcon()

When having a multiuser mount with domain= specified and using cifscreds, cifssetcifscreds() will end up setting @ctx->domainname, so it needs to be freed before leaving cifsconstructtcon().

This fixes the following memory leak reported by kmemleak:

mount.cifs //srv/share /mnt -o domain=ZELDA,multiuser,... su - testuser cifscreds add -d ZELDA -u testuser ... ls /mnt/1 ... umount /mnt echo scan > /sys/kernel/debug/kmemleak cat /sys/kernel/debug/kmemleak unreferenced object 0xffff8881203c3f08 (size 8): comm "ls", pid 5060, jiffies 4307222943 hex dump (first 8 bytes): 5a 45 4c 44 41 00 cc cc ZELDA... backtrace (crc d109a8cf): __kmallocnodetrack_callernoprof+0x572/0x710 kstrdup+0x3a/0x70 cifssbtlink+0x1209/0x1770 [cifs] cifsgetfattr+0xe1/0xf50 [cifs] cifsgetinodeinfo+0xb5/0x240 [cifs] cifsrevalidatedentryattr+0x2d1/0x470 [cifs] cifsgetattr+0x28e/0x450 [cifs] vfsgetattrnosec+0x126/0x180 vfsstatx+0xf6/0x220 dostatx+0xab/0x110 __x64sysstatx+0xd5/0x130 dosyscall64+0xbb/0x380 entrySYSCALL64afterhwframe+0x77/0x7f

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68295.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f2aee329a68f5a907bcff11a109dfe17c0b41aeb
Fixed
ff8f9bd1c46ee02d5558293915d42e82646d5ee9
Fixed
d146e96fef876492979658dce644305de35878d4
Fixed
3dd546e867e94c2f954bca45a961b6104ba708b6
Fixed
f62ffdfb431bdfa4b6d24233b7fd830eca0b801e
Fixed
f15288c137d960836277d0e3ecc62de68e52f00f
Fixed
a67e91d5f446e455dd9201cdd6e865f7078d251d
Fixed
3184b6a5a24ec9ee74087b2a550476f386df7dc2
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1456d3cea31114137fabf1110d20a2e2c6d6060f
Last affected
16764d7486d02b1699ae16e91d7a577602398b17
Last affected
904847402bd74a28164bd4d8da082d1eace7c190
Last affected
325fa2a6729b74b2806b31725940cb54658515e5
Last affected
8db988a982908b7bff76e095000adabf9c29698b

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68295.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.3.0
Fixed
5.10.247
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.197
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.159
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.119
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.61
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.17.11

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68295.json"