CVE-2025-68263: In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipc_msg_send_requ
Summary
A use-after-free vulnerability (UAF, a bug where code accesses memory that has already been freed) was found in the Linux kernel's ksmbd component. The problem occurred when ipc_msg_send_request() freed memory while handle_response() was simultaneously trying to write data to it, causing a crash. This happened because the two functions didn't use the same lock (ipc_msg_table_lock, a mechanism that prevents multiple tasks from accessing shared data at the same time) when accessing shared data.
Solution / Mitigation
The fix involves three changes: (1) Taking ipc_msg_table_lock in ipc_msg_send_request() while validating entry->response, freeing it when invalid, and removing the entry from ipc_msg_table, (2) Returning the final entry->response pointer to the caller only after the hash entry is removed under the lock, and (3) Returning NULL in the error path to preserve the original API semantics. This ensures all accesses to entry->response are protected by the same lock, eliminating the race condition.
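The locking pattern described above, as an added example: a user-space C model, not the ksmbd source. `publish`, `deliver` and `collect` are hypothetical names, a pthread mutex and a small array stand in for ipc_msg_table_lock and ipc_msg_table, and the type-mismatch check is an assumed stand-in for the response validation.

```c
/* Added example: user-space model of the locking pattern, not ksmbd source. */
#include <pthread.h>
#include <stdlib.h>
#include <string.h>

#define SLOTS 8
struct entry { unsigned handle, want_type, got_type; void *response; };

static struct entry *table[SLOTS];   /* stands in for ipc_msg_table */
static pthread_mutex_t table_lock = PTHREAD_MUTEX_INITIALIZER; /* ipc_msg_table_lock */

/* Requester: publish the entry so the responder can find it by handle. */
void publish(struct entry *e)
{
    pthread_mutex_lock(&table_lock);
    table[e->handle % SLOTS] = e;
    pthread_mutex_unlock(&table_lock);
}

/* Responder (role of handle_response): look up and write under the lock. */
int deliver(unsigned handle, unsigned type, const void *buf, size_t len)
{
    int ret = -1;
    pthread_mutex_lock(&table_lock);
    struct entry *e = table[handle % SLOTS];
    if (e && e->handle == handle && !e->response && (e->response = malloc(len))) {
        memcpy(e->response, buf, len);
        e->got_type = type;
        ret = 0;
    }
    pthread_mutex_unlock(&table_lock);
    return ret;
}

/* Requester (role of ipc_msg_send_request after its wait): validate, free if
 * invalid and unhash under the same lock, then return the final pointer. */
void *collect(struct entry *e)
{
    pthread_mutex_lock(&table_lock);
    if (e->response && e->got_type != e->want_type) { /* assumed validity rule */
        free(e->response);
        e->response = NULL;                  /* error path yields NULL */
    }
    table[e->handle % SLOTS] = NULL;         /* responder can no longer reach e */
    void *resp = e->response;
    pthread_mutex_unlock(&table_lock);
    return resp;
}
```

Because the free and the unhash happen in one critical section, a late `deliver` for the same handle finds no entry and returns -1 instead of writing into freed memory.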
Vulnerability Details
EPSS: 0.1%
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-68263
First tracked: February 15, 2026 at 08:36 PM