Acknowledged
Created: May 5, 2025
Updated: Jan 21, 2026
Resolved Date: Jan 14, 2026
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in smb_break_all_levII_oplock()
There is a room in smb_break_all_levII_oplock that can cause racy issues
when unlocking in the middle of the loop. This patch use read lock
to protect whole loop.
========Wind River Notice========
The CVE is that there is a room in smb_break_all_levII_oplock that can cause racy issues when unlocking in the middle of the loop. The fix patch uses read lock to protect whole loop. The CVE only happens in fs/smb/server/oplock.c in the kernel samba server which is controlled by the config CONFIG_SMB_SERVER.
If CONFIG_SMB_SERVER is not set, the problem doesn't exist.
The mitigation is: Set CONFIG_SMB_SERVER=n in the kernel when build which is the default config in LTS22, and it doesn't impact the use on the userspace samba server.
