CVE-2025-71220

7.8 HIGH

Published: February 14, 2026 Modified: March 19, 2026

Description

In the Linux kernel, the following vulnerability has been resolved: smb/server: call ksmbd_session_rpc_close() on error path in create_smb2_pipe() When ksmbd_iov_pin_rsp() fails, we should call ksmbd_session_rpc_close().

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://git.kernel.org/stable/c/04dd114b682a4ccaeba2c2bad049c8b50ce740d8

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/2b7b4df87fe6f2db6ee45f475de6b37b8b8e5d29

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/7c28f8eef5ac5312794d8a52918076dcd787e53b

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/a2c68e256fb7a4ac34154c6e865a1389acca839f

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/ac18761b530b5dd40f59af8a25902282e5512854

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/fdda836fcee6fdbcccc24e3679097efb583f581f

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

6 reference(s) from NVD

Quick Stats

CVSS v3 Score

7.8 / 10.0

EPSS (Exploit Probability)

0.0%

3th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

linux