CVE-2025-68300
Description
In the Linux kernel, the following vulnerability has been resolved:
fs/namespace: fix reference leak in grab_requested_mnt_ns
lookup_mnt_ns() already takes a reference on mnt_ns. grab_requested_mnt_ns() doesn't need to take an extra reference.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Linux kernel reference leak in grab_requested_mnt_ns can cause memory leak, fixed in stable update.
CVE-2025-68300: Reference leak in Linux kernel's mount namespace
In the Linux kernel, a reference leak vulnerability exists in the grab_requested_mnt_ns function within fs/namespace.c. The function calls lookup_mnt_ns() which already takes a reference on the mnt_ns structure. However, grab_requested_mnt_ns incorrectly takes an additional reference, leading to a mismatch in reference counting [1].
This bug does not require any special privileges to trigger; it occurs during normal mount namespace operations. An attacker with the ability to trigger mount namespace transitions could repeatedly cause the reference count to increment without corresponding decrements, leading to a memory leak. The vulnerability is local and requires user interaction or specific system calls.
The impact is a gradual memory leak over time, which could eventually lead to denial of service if system memory is exhausted. No privilege escalation or data corruption is directly associated with this issue.
The fix is included in stable kernel updates. Users are advised to apply the patch from the referenced commit [1] to mitigate the vulnerability. There is no indication of active exploitation in the wild at this time.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.