CVE-2025-22074

ksmbd: fix r_count dec/increment mismatch

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix r_count dec/increment mismatch r_count is only increased when there is an oplock break wait, so r_count inc/decrement are not paired. This can cause r_count to become negative, which can lead to a problem where the ksmbd thread does not terminate.

N/A

CVSS

Severity:

EPSS 0.03%

Affected: Linux Linux

References

Link	Tags
https://git.kernel.org/stable/c/4790bcb269e5d6d88200a67c54ae6d627332a3be
https://git.kernel.org/stable/c/457db486203c90e10c3efc87fd45cc7000b1cd36
https://git.kernel.org/stable/c/20378cf48359f39dee0ef9b61470ebe77bd49c0d
https://git.kernel.org/stable/c/c2ec33d46b4d1c8085dab5d02e00b21f4f0fb8a9
https://git.kernel.org/stable/c/ddb7ea36ba7129c2ed107e2186591128618864e1

Frequently Asked Questions

What is the severity of CVE-2025-22074?: CVE-2025-22074 has not yet been assigned a CVSS score.
How to fix CVE-2025-22074?: To fix CVE-2025-22074, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-22074 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2025-22074 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-22074?: CVE-2025-22074 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.