Remote Denial of Service Vulnerability in Linux Kernel ksmbd Module
CVE-2025-68246

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 December 2025

What is CVE-2025-68246?

A vulnerability in the Linux kernel's ksmbd module allows for a remote denial of service when the per-IP connection limit is exceeded. Specifically, the error handling logic fails to close accepted sockets on connection rejection, leading to a situation where a single IP can leak multiple sockets for each rejected connection attempt. This bug, identified by ZeroPath, poses a risk of service interruption and requires attention to properly manage socket connections in the affected versions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 0626e6641f6b467447c81dd7678a69c66f7746cf < 7a3c7154d5fc05956a8ad9e72ecf49e21555bfca

Linux 0626e6641f6b467447c81dd7678a69c66f7746cf < 5746b2a0f5eb3d79667b3c51fe849bd62464220e

Linux 0626e6641f6b467447c81dd7678a69c66f7746cf < 4587a7826be1ae0190dba10ff70b46bb0e3bc7d3

References

https://git.kernel.org/stable/c/7a3c7154d5fc05956a8ad9e72...
https://git.kernel.org/stable/c/5746b2a0f5eb3d79667b3c51f...
https://git.kernel.org/stable/c/4587a7826be1ae0190dba10ff...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.