PT-2025-14326 · Linux+6 · Linux Kernel+6

Published

2025-02-26

Updated

2026-05-26

CVE-2025-21945

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free issue has been identified in the Linux kernel, specifically in the ksmbd component related to smb2 lock. This occurs when smb lock->zero len has a value, and the ->llist of smb lock is not deleted, resulting in an old flock. This situation can lead to a use-after-free error during error handling routines.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2025-12647

ALT-PU-2025-5786

BDU:2025-04649

CVE-2025-21945

DLA-4193-1

DSA-5900-1

ECHO-142C-88E3-3EC5

USN-7605-1

USN-7605-2

USN-7606-1

USN-7628-1

USN-7764-1

USN-7764-2

USN-7765-1

USN-7766-1

USN-7767-1

USN-7767-2

USN-7779-1

USN-7790-1

USN-7800-1

USN-7801-1

USN-7801-2

USN-7801-3

USN-7802-1

USN-7809-1

Affected Products

Alt Linux

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Os

Ubuntu

PT-2025-14326 · Linux+6 · Linux Kernel+6

CVE-2025-21945

Weakness Enumeration

Related Identifiers

Affected Products

References · 282