Race Condition Vulnerability in Linux Kernel's Samba Implementation
CVE-2025-40090

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
30 October 2025

What is CVE-2025-40090?

A vulnerability exists in the Linux kernel's Samba implementation, specifically in the ksmbd component, where recursive locking issues in RPC handle list access can lead to hung connections. When a client opens a named pipe using the 'rpcclient' tool, the system may experience a deadlock. The root cause is due to improper management of locks, where the existing lock makes recursive calls problematic, effectively freezing the connection. It's essential for administrators to ensure they are using patched versions of the kernel to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 69674b029002b1d90b655f014bdf64f404efa54d < 5493571f4351f74e11db9943e98a07c56467cf7e

Linux 6b615a8fb3af0baf8126cde3d4fee97d57222ffc < 1891abe832cbf5a11039e088766131d0f1642d02

Linux 5cc679ba0f4505936124cd4179ba66bb0a4bd9f3 < 4602b8cee1481dbb896182e5cb1e8cf12910e9e7

References

https://git.kernel.org/stable/c/5493571f4351f74e11db9943e...
https://git.kernel.org/stable/c/1891abe832cbf5a11039e0887...
https://git.kernel.org/stable/c/4602b8cee1481dbb896182e5c...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.