Use-After-Free Vulnerability in Linux Kernel's ksmbd Component
CVE-2025-68263

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 December 2025

What is CVE-2025-68263?

A use-after-free vulnerability was identified in the ksmbd component of the Linux kernel, specifically involving the ipc_msg_send_request function. The issue arises when ipc_msg_send_request interacts with a generic netlink reply while using an ipc_msg_table_entry. Under conditions of high concurrency, a race condition can occur, allowing handle_response to modify an entry's response after it has already been freed by ipc_msg_send_request. This flaw could lead to a slab-use-after-free situation, as reported by KASAN. Important measures have been implemented to secure this interaction by ensuring that the ipc_msg_table_lock is held during validation and freeing of the response, thereby closing the race condition and restoring consistency to the access of entry->response.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch