CVE-2025-40103

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix refcount leak for cifs_sb_tlink Fix three refcount inconsistency issues related to `cifs_sb_tlink`. Comments for `cifs_sb_tlink` state that `cifs_put_tlink()` needs to be called after successful calls to `cifs_sb_tlink()`. Three calls fail to update refcount accordingly, leading to possible resource leaks.

References

https://git.kernel.org/stable/c/790282abe9d805f08618c1c24ea2529e7259b692
https://git.kernel.org/stable/c/896bb31e1416f582503db1350cf1bd10dc64e5a6
https://git.kernel.org/stable/c/c2b77f42205ef485a647f62082c442c1cd69d3fc
https://git.kernel.org/stable/c/d3c8ea197055c260119a13360e8202a27e53e1e4
https://git.kernel.org/stable/c/d7dd034c14928306db1b46be277ae439b84dacf9
https://git.kernel.org/stable/c/e15605b68b490186da2ad8029c0351a9cfb0b9af

FAQ

What is CVE-2025-40103?

CVE-2025-40103 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix refcount leak for cifs_sb_tlink Fix three refcount inconsistency issues related to `cifs_sb_tlink`. Comments for...

How severe is CVE-2025-40103?

CVSS scoring is not yet available for CVE-2025-40103. Check NVD for updates.

Is there a patch for CVE-2025-40103?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.