Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Added a bounds check for the durable handle context. A missing bounds check was added for the durable handle context...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb/server: Fixed the refcount leak in parsedurablehandlecontext. When the command is a replay operation and -ENOEXEC is returned, the refcount of ksmbdfile must be released...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: smb/server: Fixed a potential null-ptr-deref of leasectxinfo in smb2open. null-ptr-deref will occur when reqoplevel == SMB2OPLOCKLEVELLEASE and parseleasestate returns NULL. The issue was fixed by checking whether leasectxinfo is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validates the owner of the durable handle upon reconnection. Currently, ksmbd does not verify whether the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any...

Exploit for CVE-2026-31717

CVE-2026-31717: ksmbd DHnC Durable-Handle Reconnect Access-Con...

SUSE CVE-2026-31717

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...

Linux Distros Unpatched Vulnerability : CVE-2026-31717

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user w...

CVE-2026-31717

A flaw was found in ksmbd, a component of the Linux kernel. This vulnerability allows an authenticated user to hijack an orphaned durable handle by predicting or brute-forcing its persistent ID. This could lead to unauthorized access to file sessions and potentially sensitive data or services...

CVE-2026-31717

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...

CVE-2026-31717

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...

CVE-2026-31717

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...

EUVD-2026-26526

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...

CVE-2026-31717

In the Linux kernel ksmbd, a vulnerability allows an authenticated user to hijack an orphaned durable handle by reconnecting with a different security context. The issue stems from ksmbd not verifying that the requester’s SecurityContext matches the original opener when a durable handle is reconn...

CVE-2026-31717 ksmbd: validate owner of durable handle on reconnect

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...

PT-2026-36347

Name of the Vulnerable Software and Affected Versions Linux kernel ksmbd affected versions not specified Description The ksmbd SMB server fails to verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows an authenticated user to...

PT-2026-36348

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ksmbd module of the Linux kernel. When a durable file handle persists after a session disconnect TCP close without SMB2 LOGOFF, the session fd check...

CVE-2025-71204

A reference count leak flaw was found in the Linux kernel's ksmbd in-kernel SMB server. In the parsedurablehandlecontext function, when a command is detected as a replay operation and returns -ENOEXEC, the reference count of the ksmbdfile structure is not properly released. This leads to a resour...

SUSE CVE-2025-71204

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in parsedurablehandlecontext When the command is a replay operation and -ENOEXEC is returned, the refcount of ksmbdfile must be released...

CVE-2025-71204

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in parsedurablehandlecontext When the command is a replay operation and -ENOEXEC is returned, the refcount of ksmbdfile must be released...

CVE-2025-71204

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in parsedurablehandlecontext When the command is a replay operation and -ENOEXEC is returned, the refcount of ksmbdfile must be released...