Description
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix memory leak in cifs_construct_tcon() When having a multiuser mount with domain= specified and using cifscreds, cifs_set_cifscreds() will end up setting @ctx->domainname, so it needs to be freed before leaving cifs_construct_tcon(). This fixes the following memory leak reported by kmemleak: mount.cifs //srv/share /mnt -o domain=ZELDA,multiuser,... su - testuser cifscreds add -d ZELDA -u testuser ... ls /mnt/1 ... umount /mnt echo scan > /sys/kernel/debug/kmemleak cat /sys/kernel/debug/kmemleak unreferenced object 0xffff8881203c3f08 (size 8): comm "ls", pid 5060, jiffies 4307222943 hex dump (first 8 bytes): 5a 45 4c 44 41 00 cc cc ZELDA... backtrace (crc d109a8cf): __kmalloc_node_track_caller_noprof+0x572/0x710 kstrdup+0x3a/0x70 cifs_sb_tlink+0x1209/0x1770 [cifs] cifs_get_fattr+0xe1/0xf50 [cifs] cifs_get_inode_info+0xb5/0x240 [cifs] cifs_revalidate_dentry_attr+0x2d1/0x470 [cifs] cifs_getattr+0x28e/0x450 [cifs] vfs_getattr_nosec+0x126/0x180 vfs_statx+0xf6/0x220 do_statx+0xab/0x110 __x64_sys_statx+0xd5/0x130 do_syscall_64+0xbb/0x380 entry_SYSCALL_64_after_hwframe+0x77/0x7f
Product status
f2aee329a68f5a907bcff11a109dfe17c0b41aeb (git) before ff8f9bd1c46ee02d5558293915d42e82646d5ee9
f2aee329a68f5a907bcff11a109dfe17c0b41aeb (git) before d146e96fef876492979658dce644305de35878d4
f2aee329a68f5a907bcff11a109dfe17c0b41aeb (git) before 3dd546e867e94c2f954bca45a961b6104ba708b6
f2aee329a68f5a907bcff11a109dfe17c0b41aeb (git) before f62ffdfb431bdfa4b6d24233b7fd830eca0b801e
f2aee329a68f5a907bcff11a109dfe17c0b41aeb (git) before f15288c137d960836277d0e3ecc62de68e52f00f
f2aee329a68f5a907bcff11a109dfe17c0b41aeb (git) before a67e91d5f446e455dd9201cdd6e865f7078d251d
f2aee329a68f5a907bcff11a109dfe17c0b41aeb (git) before 3184b6a5a24ec9ee74087b2a550476f386df7dc2
1456d3cea31114137fabf1110d20a2e2c6d6060f (git)
16764d7486d02b1699ae16e91d7a577602398b17 (git)
904847402bd74a28164bd4d8da082d1eace7c190 (git)
325fa2a6729b74b2806b31725940cb54658515e5 (git)
8db988a982908b7bff76e095000adabf9c29698b (git)
5.3
Any version before 5.3
5.10.247 (semver)
5.15.197 (semver)
6.1.159 (semver)
6.6.119 (semver)
6.12.61 (semver)
6.17.11 (semver)
6.18 (original_commit_for_fix)
References
git.kernel.org/...c/ff8f9bd1c46ee02d5558293915d42e82646d5ee9
git.kernel.org/...c/d146e96fef876492979658dce644305de35878d4
git.kernel.org/...c/3dd546e867e94c2f954bca45a961b6104ba708b6
git.kernel.org/...c/f62ffdfb431bdfa4b6d24233b7fd830eca0b801e
git.kernel.org/...c/f15288c137d960836277d0e3ecc62de68e52f00f
git.kernel.org/...c/a67e91d5f446e455dd9201cdd6e865f7078d251d
git.kernel.org/...c/3184b6a5a24ec9ee74087b2a550476f386df7dc2
Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.
