CVE-2025-39819
Description
In the Linux kernel, the following vulnerability has been resolved:fs/smb: Fix inconsistent refcnt updateA possible inconsistent update of refcount was identified in smb2_compound_op.Such inconsistent update could lead to possible resource leaks.Why it is a possible bug:1. In the comment section of the function, it clearly states that thereference to cfile should be dropped after calling this function.2. Every control flow path would check and drop the reference tocfile, except the patched one.3. Existing callers would not handle refcount update of cfile if-ENOMEM is returned.To fix the bug, an extra goto label out is added, to make sure that thecleanup logic would always be respected. As the problem is caused by theallocation failure of vars, the cleanup logic between label finishedand out can be safely ignored. According to the definition of functionis_replayable_error, the error code of -ENOMEM is not recoverable.Therefore, the replay logic also gets ignored.
Risk Information
Associated Vulnerability
No records foundPatch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234