Remote Denial of Service Vulnerability in Linux Kernel ksmbd Module
CVE-2025-68246
What is CVE-2025-68246?
A vulnerability in the Linux kernel's ksmbd module allows a remote denial of service when the per-IP connection limit is exceeded. The error-handling logic fails to close the accepted socket when a connection is rejected, so a single IP can leak multiple sockets for each rejected connection attempt. The bug, identified by ZeroPath, poses a risk of service interruption, and the affected versions need attention so that rejected socket connections are managed properly.
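The leak pattern described above, shown as an added user-space illustration that is not the ksmbd source. The function names, the slot table and the limit of 2 are hypothetical choices for this sketch; the point is that the rejection branch must release the descriptor it was handed.

```c
/* User-space sketch of the pattern; constructed for illustration, not ksmbd code. */
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <sys/socket.h>
#include <unistd.h>

#define MAX_IP_CONNS 2  /* assumed per-IP limit */
#define SLOTS 16
static struct { uint32_t ip; int conns; } tbl[SLOTS];

/* Counter for ip: its live slot, else a free one (NULL if the table is full). */
static int *conns_for(uint32_t ip)
{
    int free_i = -1;
    for (int i = 0; i < SLOTS; i++) {
        if (tbl[i].conns > 0 && tbl[i].ip == ip) return &tbl[i].conns;
        if (tbl[i].conns == 0 && free_i < 0) free_i = i;
    }
    if (free_i < 0) return NULL;
    tbl[free_i].ip = ip;
    return &tbl[free_i].conns;
}

/* Leaky: rejection returns with the accepted fd still open and unowned. */
int admit_leaky(int fd, uint32_t ip)
{
    int *c = conns_for(ip);
    (void)fd;
    if (!c || *c >= MAX_IP_CONNS) return -EAGAIN;
    (*c)++;
    return 0;
}

/* Corrected: every rejection path releases the accepted fd. */
int admit_fixed(int fd, uint32_t ip)
{
    int *c = conns_for(ip);
    if (!c || *c >= MAX_IP_CONNS) { close(fd); return -EAGAIN; }
    (*c)++;
    return 0;
}

/* 1 if fd is still an open descriptor, 0 if it has been closed. */
int fd_is_open(int fd) { return fcntl(fd, F_GETFD) != -1 || errno != EBADF; }
```

In a long-running listener, the leaky variant's open-descriptor count for the process keeps growing while the per-IP counter stays at the limit, which is the mismatch to look for when auditing similar accept paths.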
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7a3c7154d5fc05956a8ad9e72ecf49e21555bfca
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5746b2a0f5eb3d79667b3c51fe849bd62464220e
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4587a7826be1ae0190dba10ff70b46bb0e3bc7d3