Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: smb/server: call ksmbd_session_rpc_close() on error path in create_smb2_pipe() When ksmbd_iov_pin_rsp() fails, we should call ksmbd_session_rpc_close().
CVSS Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.15.145, < 5.15.200 |
References
- https://git.kernel.org/stable/c/04dd114b682a4ccaeba2c2bad049c8b50ce740d8Patch
- https://git.kernel.org/stable/c/2b7b4df87fe6f2db6ee45f475de6b37b8b8e5d29Patch
- https://git.kernel.org/stable/c/7c28f8eef5ac5312794d8a52918076dcd787e53bPatch
- https://git.kernel.org/stable/c/a2c68e256fb7a4ac34154c6e865a1389acca839fPatch
- https://git.kernel.org/stable/c/ac18761b530b5dd40f59af8a25902282e5512854Patch
- https://git.kernel.org/stable/c/fdda836fcee6fdbcccc24e3679097efb583f581fPatch
FAQ
What is CVE-2025-71220?
CVE-2025-71220 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: smb/server: call ksmbd_session_rpc_close() on error path in create_smb2_pipe() When ksmbd_iov_pin_rsp() fails, we should call ksmb...
How severe is CVE-2025-71220?
CVE-2025-71220 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-71220?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.