CVE-2025-71151
cifs: Fix memory and information leak in smb3_reconfigure()
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3_reconfigure() In smb3_reconfigure(), if smb3_sync_session_ctx_passwords() fails, the function returns immediately without freeing and erasing the newly allocated new_password and new_password2. This causes both a memory leak and a potential information leak. Fix this by calling kfree_sensitive() on both password buffers before returning in this error case.
| Vendor | linux |
| Product | linux |
| Ecosystems | |
| Industries | Technology |
| Published | Jan 23, 2026 |
| Last Updated | May 11, 2026 |
Stay Ahead of the Next One
Get instant alerts for linux linux
Be the first to know when new unknown vulnerabilities affecting linux linux are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Linux / Linux
880a661e67648a3ffe85405e8de5f50650a3c0b2 < bc390b2737205163e48cc1655f6a0c8cd55b02fc 0e4145774c016530bf99afb3675a1a0593c35642 < 5679cc90bb5415801fa29041da0319d9e15d295d 0f0e357902957fba28ed31bde0d6921c6bd1485d < bb82aaee16907dc4d0b9b0ca7953ceb3edc328c6 0f0e357902957fba28ed31bde0d6921c6bd1485d < cb6d5aa9c0f10074f1ad056c3e2278ad2cc7ec8d 674ba43944dab8e8f87434e25d9d10c5152584bc
Linux / Linux
6.13
References
git.kernel.org: https://git.kernel.org/stable/c/bc390b2737205163e48cc1655f6a0c8cd55b02fc git.kernel.org: https://git.kernel.org/stable/c/5679cc90bb5415801fa29041da0319d9e15d295d git.kernel.org: https://git.kernel.org/stable/c/bb82aaee16907dc4d0b9b0ca7953ceb3edc328c6 git.kernel.org: https://git.kernel.org/stable/c/cb6d5aa9c0f10074f1ad056c3e2278ad2cc7ec8d