Linux kernel SMB CIFS tlink refcount leak
CVE-2025-40103 Published on October 30, 2025
smb: client: Fix refcount leak for cifs_sb_tlink
In the Linux kernel, the following vulnerability has been resolved:
smb: client: Fix refcount leak for cifs_sb_tlink
Fix three refcount inconsistency issues related to `cifs_sb_tlink`.
Comments for `cifs_sb_tlink` state that `cifs_put_tlink()` needs to be
called after successful calls to `cifs_sb_tlink()`. Three calls fail to
update refcount accordingly, leading to possible resource leaks.
Products Associated with CVE-2025-40103
stack.watch emails you whenever new vulnerabilities are published in Linux Kernel or Canonical Ubuntu Linux. Just hit a watch button to start following.
Affected Versions
Linux:- Version 8ceb984379462f94bdebef3288d569c6e1f912ea and below 790282abe9d805f08618c1c24ea2529e7259b692 is affected.
- Version 8ceb984379462f94bdebef3288d569c6e1f912ea and below d7dd034c14928306db1b46be277ae439b84dacf9 is affected.
- Version 8ceb984379462f94bdebef3288d569c6e1f912ea and below e15605b68b490186da2ad8029c0351a9cfb0b9af is affected.
- Version 8ceb984379462f94bdebef3288d569c6e1f912ea and below 896bb31e1416f582503db1350cf1bd10dc64e5a6 is affected.
- Version 8ceb984379462f94bdebef3288d569c6e1f912ea and below c2b77f42205ef485a647f62082c442c1cd69d3fc is affected.
- Version 3.7 is affected.
- Before 3.7 is unaffected.
- Version 6.1.158, <= 6.1.* is unaffected.
- Version 6.6.114, <= 6.6.* is unaffected.
- Version 6.12.55, <= 6.12.* is unaffected.
- Version 6.17.5, <= 6.17.* is unaffected.
- Version 6.18, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.