← Back to CVE List
CVE-2025-22040
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbd_sessions_deregister. The session can be freed before the connection is added to channel list of session. This patch check reference count of session before freeing it.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt