CVE-2025-38711 in Linuxinformación

Resumen

por MITRE • 2025-09-04

In the Linux kernel, the following vulnerability has been resolved:

smb/server: avoid deadlock when linking with ReplaceIfExists

If smb2_create_link() is called with ReplaceIfExists set and the name does exist then a deadlock will happen.

ksmbd_vfs_kern_path_locked() will return with success and the parent directory will be locked. ksmbd_vfs_remove_file() will then remove the file. ksmbd_vfs_link() will then be called while the parent is still locked. It will try to lock the same parent and will deadlock.

This patch moves the ksmbd_vfs_kern_path_unlock() call to *before* ksmbd_vfs_link() and then simplifies the code, removing the file_present flag variable.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Responsable

Linux

Reservar

2025-04-16

Divulgación

2025-09-04

Moderación

aceptado

Artículo

VDB-322571

CPE

listo

EPSS

0.00111

KEV

no

Actividades

muy bajo

Fuentes

Do you know our Splunk app?

Download it now for free!