CVE-2025-38321
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-10

Last updated on: 2025-11-18

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: smb: Log an error when close_all_cached_dirs fails Under low-memory conditions, close_all_cached_dirs() can't move the dentries to a separate list to dput() them once the locks are dropped. This will result in a "Dentry still in use" error, so add an error message that makes it clear this is what happened: [ 495.281119] CIFS: VFS: \\otters.example.com\share Out of memory while dropping dentries [ 495.281595] ------------[ cut here ]------------ [ 495.281887] BUG: Dentry ffff888115531138{i=78,n=/} still in use (2) [unmount of cifs cifs] [ 495.282391] WARNING: CPU: 1 PID: 2329 at fs/dcache.c:1536 umount_check+0xc8/0xf0 Also, bail out of looping through all tcons as soon as a single allocation fails, since we're already in trouble, and kmalloc() attempts for subseqeuent tcons are likely to fail just like the first one did.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-10
Last Modified
2025-11-18
Generated
2026-05-06
AI Q&A
2025-07-10
EPSS Evaluated
2026-05-05
NVD
CVE-2025-38321
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
linux linux_kernel 6.16
linux linux_kernel 6.16
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability occurs in the Linux kernel's SMB (CIFS) implementation. Under low-memory conditions, the function close_all_cached_dirs() fails to move dentries to a separate list for proper cleanup after locks are dropped. This results in a 'Dentry still in use' error, which can cause warnings and potential issues during unmounting of CIFS shares. The fix involves logging a clear error message when this failure happens and stopping further attempts to allocate memory for subsequent tcons when an allocation fails.


How can this vulnerability impact me? :

This vulnerability can cause errors and warnings related to dentries still being in use during unmounting of CIFS shares, especially under low-memory conditions. This may lead to instability or unexpected behavior in the filesystem operations involving SMB shares, potentially affecting system reliability or causing resource leaks.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring system logs for specific error messages related to CIFS and dentries under low-memory conditions. Look for log entries such as: "CIFS: VFS: \\otters.example.com\share Out of memory while dropping dentries" and "BUG: Dentry ... still in use". You can use commands like `dmesg | grep -i 'CIFS'` or `journalctl -k | grep -i 'dentry'` to find these errors in kernel logs.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include ensuring your system is running a Linux kernel version that includes the fix for this issue. Additionally, monitor system memory usage to avoid low-memory conditions that trigger this problem. If possible, update the kernel to the patched version where the error logging and bailout on allocation failure have been implemented.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart