CVE-2026-46155 smb/client: fix out-of-bounds read in smb2_compound_op()

🗓️ 28 May 2026 09:36:11Reported by LinuxType

Fix kernel out-of-bounds read in smb2_compound_op when server truncates response with large OutputBufferLength.

Reporter	Title	Published	Views	Family All 55
ATTACKERKB	CVE-2026-46155	28 May 202609:36	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1753)	27 May 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1754)	27 May 202600:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2026-46155	3 Jun 202600:00	–	nessus
CBLMariner	CVE-2026-46155 affecting package kernel for versions less than 6.6.141.1-1	22 Jun 202621:21	–	cbl_mariner
CNNVD	Linux kernel 安全漏洞	28 May 202600:00	–	cnnvd
CVE	CVE-2026-46155	28 May 202609:36	–	cve
Debian CVE	CVE-2026-46155	28 May 202609:36	–	debiancve
EUVD	EUVD-2026-32782	28 May 202609:36	–	euvd
Microsoft CVE	smb/client: fix out-of-bounds read in smb2_compound_op()	29 May 202608:06	–	mscve

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/client/smb2inode.c"
    ],
    "versions": [
      {
        "version": "7449d736bbbd160c76b01b8fcdf72f58a8757d4b",
        "lessThan": "dffb44b2e06a2908e249f0f93156fc987eee1d1c",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "ea41367b2a602f602ea6594fc4a310520dcc64f4",
        "lessThan": "9b3af35645ff9cd334edc130249f9a2fb2bea25f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "ea41367b2a602f602ea6594fc4a310520dcc64f4",
        "lessThan": "512d33bc8ea4ea5c19728ee118715f4b1f4d1926",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "ea41367b2a602f602ea6594fc4a310520dcc64f4",
        "lessThan": "a16f70a71be4b5a4eccf39a9bf09b47285f4cb7c",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "ea41367b2a602f602ea6594fc4a310520dcc64f4",
        "lessThan": "8d09328dfda089675e4c049f3f256064a1d1996b",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "6.6.32",
        "lessThan": "6.6.140",
        "status": "affected",
        "versionType": "semver"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/client/smb2inode.c"
    ],
    "versions": [
      {
        "version": "6.9",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.9",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.140",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.88",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18.30",
        "lessThanOrEqual": "6.18.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.0.7",
        "lessThanOrEqual": "7.0.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.1",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/dffb44b2e06a2908e249f0f93156fc987eee1d1c
git	www.git.kernel.org/stable/c/9b3af35645ff9cd334edc130249f9a2fb2bea25f
git	www.git.kernel.org/stable/c/512d33bc8ea4ea5c19728ee118715f4b1f4d1926
git	www.git.kernel.org/stable/c/a16f70a71be4b5a4eccf39a9bf09b47285f4cb7c
git	www.git.kernel.org/stable/c/8d09328dfda089675e4c049f3f256064a1d1996b

14 Jun 2026 17:58Current

CVSS 3.19.1

EPSS0.00478