FKIE_CVE-2025-38321

Vulnerability from fkie_nvd - Published: 2025-07-10 09:15 - Updated: 2025-11-18 12:53
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: smb: Log an error when close_all_cached_dirs fails Under low-memory conditions, close_all_cached_dirs() can't move the dentries to a separate list to dput() them once the locks are dropped. This will result in a "Dentry still in use" error, so add an error message that makes it clear this is what happened: [ 495.281119] CIFS: VFS: \\otters.example.com\share Out of memory while dropping dentries [ 495.281595] ------------[ cut here ]------------ [ 495.281887] BUG: Dentry ffff888115531138{i=78,n=/} still in use (2) [unmount of cifs cifs] [ 495.282391] WARNING: CPU: 1 PID: 2329 at fs/dcache.c:1536 umount_check+0xc8/0xf0 Also, bail out of looping through all tcons as soon as a single allocation fails, since we're already in trouble, and kmalloc() attempts for subseqeuent tcons are likely to fail just like the first one did.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/43f26094d6702e494e800532c3f1606e7a68eb30Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/4479db143390bdcadc1561292aab579cdfa9f6c6Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/a2182743a8b4969481f64aec4908ff162e8a206cPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/b8ced2b9a23a1a2c1e0ed8d0d02512e51bdf38daPatch
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel 6.16
linux linux_kernel 6.16
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "866FF7CF-AE64-422E-8A7D-4CEF857AA4B7",
              "versionEndExcluding": "6.6.95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E569FD34-0076-4428-BE17-EECCF867611C",
              "versionEndExcluding": "6.12.35",
              "versionStartIncluding": "6.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD174C5-1AA2-4671-BDDC-1A9FCC753655",
              "versionEndExcluding": "6.15.4",
              "versionStartIncluding": "6.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.16:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "6D4894DB-CCFE-4602-B1BF-3960B2E19A01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.16:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "09709862-E348-4378-8632-5A7813EDDC86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: Log an error when close_all_cached_dirs fails\n\nUnder low-memory conditions, close_all_cached_dirs() can\u0027t move the\ndentries to a separate list to dput() them once the locks are dropped.\nThis will result in a \"Dentry still in use\" error, so add an error\nmessage that makes it clear this is what happened:\n\n[  495.281119] CIFS: VFS: \\\\otters.example.com\\share Out of memory while dropping dentries\n[  495.281595] ------------[ cut here ]------------\n[  495.281887] BUG: Dentry ffff888115531138{i=78,n=/}  still in use (2) [unmount of cifs cifs]\n[  495.282391] WARNING: CPU: 1 PID: 2329 at fs/dcache.c:1536 umount_check+0xc8/0xf0\n\nAlso, bail out of looping through all tcons as soon as a single\nallocation fails, since we\u0027re already in trouble, and kmalloc() attempts\nfor subseqeuent tcons are likely to fail just like the first one did."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: Registra un error cuando close_all_cached_dirs falla. En condiciones de poca memoria, close_all_cached_dirs() no puede mover las entradas a una lista separada para dput() una vez que se eliminan los bloqueos. Esto generar\u00e1 un error \"Dentry a\u00fan en uso\", por lo que debe agregar un mensaje de error que aclare que esto es lo que sucedi\u00f3: [ 495.281119] CIFS: VFS: \\\\otters.example.com\\share Sin memoria al eliminar dentries [ 495.281595] ------------[ cortar aqu\u00ed ]------------ [ 495.281887] ERROR: Dentry ffff888115531138{i=78,n=/} a\u00fan en uso (2) [desmontar cifs cifs] [ 495.282391] ADVERTENCIA: CPU: 1 PID: 2329 en fs/dcache.c:1536 umount_check+0xc8/0xf0 Adem\u00e1s, abandone el bucle a trav\u00e9s de todos los tcons tan pronto como falle una sola asignaci\u00f3n, ya que estamos en problemas y kmalloc() intenta Es probable que las tcons subsiguientes fallen tal como lo hizo la primera."
    }
  ],
  "id": "CVE-2025-38321",
  "lastModified": "2025-11-18T12:53:57.880",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-07-10T09:15:26.103",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/43f26094d6702e494e800532c3f1606e7a68eb30"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/4479db143390bdcadc1561292aab579cdfa9f6c6"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/a2182743a8b4969481f64aec4908ff162e8a206c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/b8ced2b9a23a1a2c1e0ed8d0d02512e51bdf38da"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.