CVE-2025-68246
Description
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: close accepted socket when per-IP limit rejects connection
When the per-IP connection limit is exceeded in ksmbd_kthread_fn(), the code sets ret = -EAGAIN and continues the accept loop without closing the just-accepted socket. That leaks one socket per rejected attempt from a single IP and enables a trivial remote DoS.
Release client_sk before continuing.
This bug was found with ZeroPath.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A socket leak in ksmbd allows a remote attacker to exhaust server resources by sending rejected connections that are never closed.
Vulnerability
In the Linux kernel's ksmbd (SMB server), when the per-IP connection limit is exceeded, the code in ksmbd_kthread_fn() sets ret = -EAGAIN and continues the accept loop without closing the just-accepted socket. This results in a socket leak for every rejected connection attempt from a single IP address.
Exploitation
An unauthenticated remote attacker can repeatedly connect to the ksmbd service from a single IP address. Each connection that would be rejected due to exceeding the per-IP limit will leak a socket, gradually consuming system resources such as file descriptors and memory.
Impact
By sending a high rate of connection attempts, an attacker can exhaust available sockets, leading to a denial-of-service (DoS) condition where further legitimate connections to the SMB server are prevented. This is a trivial remote DoS vulnerability.
Mitigation
The fix is to properly close the accepted socket (client_sk) before continuing the loop when the per-IP limit is exceeded. The patch was applied to the Linux kernel stable branches [1][2]. Users should update to a kernel version containing the fix.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
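The leak and its fix described above, as an added userspace model in C (not ksmbd source code and not part of the original advisory). The names model_accept, accept_one and leaked_after and the limit MAX_PER_IP = 2 are assumptions, and a local descriptor stands in for the accepted socket client_sk.

```c
/* Userspace model (constructed) of the accept loop; not ksmbd source code. */
#include <fcntl.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>
#define MAX_PER_IP 2            /* assumed per-IP limit for this model */
static int tracked[MAX_PER_IP]; /* sockets admitted for the single test IP */
static int active;              /* number of admitted connections */

/* Stand-in for accepting a connection: returns a fresh descriptor. */
static int model_accept(void) {
    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    return fd >= 0 ? fd : open("/dev/null", O_RDONLY); /* sandbox fallback */
}

/* Count descriptors currently open in this process. */
static int open_fds(void) {
    int n = 0;
    for (int fd = 0; fd < 1024; fd++)
        if (fcntl(fd, F_GETFD) != -1) n++;
    return n;
}

/* One loop iteration; release_on_reject == 0 models the pre-fix code. */
static int accept_one(int release_on_reject) {
    int client_sk = model_accept();
    if (client_sk < 0) return -1;
    if (active >= MAX_PER_IP) {           /* per-IP limit exceeded */
        if (release_on_reject)
            close(client_sk);             /* the fix: release before continuing */
        return 1;                         /* rejected (models ret = -EAGAIN) */
    }
    tracked[active++] = client_sk;        /* admitted connection */
    return 0;
}

/* Descriptors left open by rejected attempts after `attempts` connects. */
static int leaked_after(int attempts, int release_on_reject) {
    active = 0;
    int before = open_fds();
    for (int i = 0; i < attempts; i++) accept_one(release_on_reject);
    int leaked = open_fds() - before - active;
    while (active > 0) close(tracked[--active]); /* drop admitted sockets */
    return leaked;
}

int main(void) {
    printf("pre-fix leaked=%d fixed leaked=%d\n", leaked_after(10, 0), leaked_after(10, 1));
    return 0;
}
```

In the pre-fix mode every attempt beyond the limit leaves one descriptor open, which is the growth an operator would see in the server's socket count on an unpatched kernel.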
References
- git.kernel.org/stable/c/35521b5a7e8a184548125f4530552101236dcda1 (nvd)
- git.kernel.org/stable/c/4587a7826be1ae0190dba10ff70b46bb0e3bc7d3 (nvd)
- git.kernel.org/stable/c/5746b2a0f5eb3d79667b3c51fe849bd62464220e (nvd)
- git.kernel.org/stable/c/7a3c7154d5fc05956a8ad9e72ecf49e21555bfca (nvd)
- git.kernel.org/stable/c/98a5fd31cbf72d46bf18e50b3ab0ce86d5f319a9 (nvd)