Memory Leak Vulnerability in CIFS Client Component of Linux Kernel
CVE-2025-68295
What is CVE-2025-68295?
A memory leak has been identified in the CIFS client component of the Linux kernel. This issue arises when a multiuser mount is used with a specified domain, along with cifscreds for credential management. The vulnerability occurs due to the failure to free the domain name allocated memory before exiting the function cifs_construct_tcon(). As a result, the system may leak memory under certain conditions, which could lead to resource exhaustion over time. This vulnerability specifically impacts scenarios where the CIFS protocol is employed for file sharing across networked environments. The issue is resolved in subsequent updates to maintain system integrity.
Affected Version(s)
Linux f2aee329a68f5a907bcff11a109dfe17c0b41aeb
Linux f2aee329a68f5a907bcff11a109dfe17c0b41aeb
Linux f2aee329a68f5a907bcff11a109dfe17c0b41aeb < 3dd546e867e94c2f954bca45a961b6104ba708b6