What is CVE-2025-68226?

CVE-2025-68226 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 6.17.8 onward. CVE-2025-68226 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2025-68226?

CVE-2025-68226 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2025-68226?

No patch is currently available for CVE-2025-68226. Monitor the NIST NVD and your Linux distribution's security advisories for updates.

Is CVE-2025-68226 actively exploited?

CVE-2025-68226 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2025-68226

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix incomplete backport in cfids_invalidation_worker() The previous commit bdb596ceb4b7 ("smb: client: fix potential UAF in smb2_close_cached_fid()") was an incomplete backport and missed one kref_put() call in cfids_invalidation_worker() that should have been converted to close_cached_dir().

Package Linux Kernel

Published 2025-12-16

Last modified 2026-04-15

Patch available

Not yet patched

Affected versions

Linux kernel versions 6.17.8 and later are affected. No fixed version recorded yet.

Affected from

≥ 6.17.8

References

The following references provide additional information about CVE-2025-68226 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/abd29b6e17a918fdd68352ce4813e167acc8727e
Patch