{"id":"CVE-2025-22074","summary":"ksmbd: fix r_count dec/increment mismatch","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix r_count dec/increment mismatch\n\nr_count is only increased when there is an oplock break wait,\nso r_count inc/decrement are not paired. This can cause r_count\nto become negative, which can lead to a problem where the ksmbd\nthread does not terminate.","modified":"2026-04-16T00:08:48.503047400Z","published":"2025-04-16T14:12:25.921Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/22xxx/CVE-2025-22074.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/20378cf48359f39dee0ef9b61470ebe77bd49c0d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/457db486203c90e10c3efc87fd45cc7000b1cd36"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4790bcb269e5d6d88200a67c54ae6d627332a3be"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c2ec33d46b4d1c8085dab5d02e00b21f4f0fb8a9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ddb7ea36ba7129c2ed107e2186591128618864e1"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/22xxx/CVE-2025-22074.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22074"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"09aeab68033161cb54f194da93e51a11aee6144b"},{"fixed":"4790bcb269e5d6d88200a67c54ae6d627332a3be"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"a4261bbc33fbf99b99c80aa3a2c5097611802980"},{"fixed":"457db486203c90e10c3efc87fd45cc7000b1cd36"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"f17d1c63a76b0fe8e9c78023a86507a3a6d62cfa"},{"fixed":"20378cf48359f39dee0ef9b61470ebe77bd49c0d"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"3aa660c059240e0c795217182cf7df32909dd917"},{"fixed":"c2ec33d46b4d1c8085dab5d02e00b21f4f0fb8a9"},{"fixed":"ddb7ea36ba7129c2ed107e2186591128618864e1"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-22074.json"}}],"schema_version":"1.7.5"}