DEBIAN-CVE-2025-68246 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: close accepted socket when per-IP limit rejects connection

When the per-IP connection limit is exceeded in ksmbd_kthread_fn(), the code sets ret = -EAGAIN and continues the accept loop without closing the just-accepted socket. That leaks one socket per rejected attempt from a single IP and enables a trivial remote DoS.

Release client_sk before continuing.

This bug was found with ZeroPath.

Affected Products

| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | linux | 0, 6.1.38-3, 6.1.128-1 |
| Debian:11 | linux-6.1 | 6.1.158-1, 0, 6.1.106-3~deb11u1 |
| Debian:14 | linux | 6.17.8-1, *, 6.16.3-1 |
| Debian:13 | linux | 0, 6.12.38-1, 6.12.43-1 |

Exploit Intelligence

Timeline

  • Dec 16, 2025 CVE Published
  • Apr 28, 2026 CVE Updated