33 matches found
CVE-2026-53271
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...
CVE-2026-53271
CVE-2026-53271 affects the Linux kernel ksmbd component. The vulnerability is a NULL-deref in oplock/lease break notifiers: smb2_oplock_break_noti() and smb2_lease_break_noti() read opinfo->conn into a local buffer without READ_ONCE and without a NULL check. After opinfo_get_list() drops ci-&g...
CVE-2026-53271 ksmbd: fix NULL-deref of opinfo->conn in oplock/lease break notifiers
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...
PT-2026-52366
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL-dereference issue exists in the ksmbd module. The functions smb2 oplock break noti and smb2 lease break noti read the opinfo-conn variable without using READ ONCE or performing a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The use-after-free issue in smblazyparentleasebreakclose has been fixed. The opinfo pointer, which is obtained through rcudereferencefp-fopinfo, is accessed after rcureadunlock has been called. This creates a race conditio...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed issues with use-after-free and NULL dereferencing in smbgrantoplock. smbgrantoplock has two issues in the oplock publication sequence: 1 opinfo is linked into ci-moplist via opinfoadd before addleasegloballist is...
SUSE CVE-2026-43378
In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2open The opinfo pointer obtained via rcudereferencefp-fopinfo is dereferenced after rcureadunlock, creating a use-after-free window...
SUSE CVE-2026-43379
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smblazyparentleasebreakclose opinfo pointer obtained via rcudereferencefp-fopinfo is being accessed after rcureadunlock has been called. This creates a race condition where the memory could be freed b...
CVE-2026-43379
A flaw was found in ksmbd, a component of the Linux kernel. A race condition exists where a pointer to opinfo is accessed after its associated memory may have been freed by a concurrent operation. This use-after-free vulnerability can lead to memory corruption, potentially causing system...
EUVD-2026-28682
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using callrcu for oplockinfo ksmbd currently frees oplockinfo immediately using kfree, even though it is accessed under RCU read-side critical sections in places like opinfoget and procshowfiles. Sinc...
CVE-2026-43379
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smblazyparentleasebreakclose opinfo pointer obtained via rcudereferencefp-fopinfo is being accessed after rcureadunlock has been called. This creates a race condition where the memory could be freed b...
UBUNTU-CVE-2026-43379
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smblazyparentleasebreakclose opinfo pointer obtained via rcudereferencefp-fopinfo is being accessed after rcureadunlock has been called. This creates a race condition where the memory could be freed b...
CVE-2026-43379
CVE-2026-43379 affects ksmbd (Linux kernel) with a use-after-free in smb_lazy_parent_lease_break_close. The opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is accessed after rcu_read_unlock(), creating a race where the memory could be freed by a concurrent writer before subsequent de...
CVE-2026-43379
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smblazyparentleasebreakclose opinfo pointer obtained via rcudereferencefp-fopinfo is being accessed after rcureadunlock has been called. This creates a race condition where the memory could be freed b...
CVE-2026-43379 ksmbd: fix use-after-free in smb_lazy_parent_lease_break_close()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smblazyparentleasebreakclose opinfo pointer obtained via rcudereferencefp-fopinfo is being accessed after rcureadunlock has been called. This creates a race condition where the memory could be freed b...
CVE-2026-43379 ksmbd: fix use-after-free in smb_lazy_parent_lease_break_close()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smblazyparentleasebreakclose opinfo pointer obtained via rcudereferencefp-fopinfo is being accessed after rcureadunlock has been called. This creates a race condition where the memory could be freed b...
CVE-2026-43378
CVE-2026-43378 affects the Linux kernel SMB server (smb2_open). A use-after-free arises because the opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is dereferenced after rcu_read_unlock(), creating a use-after-free window. Multiple sources (SUSE, Red Hat, Debian OSV, Ubuntu, Debian t...
CVE-2026-43378 smb: server: fix use-after-free in smb2_open()
In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2open The opinfo pointer obtained via rcudereferencefp-fopinfo is dereferenced after rcureadunlock, creating a use-after-free window...
CVE-2026-43376
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using callrcu for oplockinfo ksmbd currently frees oplockinfo immediately using kfree, even though it is accessed under RCU read-side critical sections in places like opinfoget and procshowfiles. Sinc...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the pointer opinfo obtained through rcudereference in smb2open being rereferenced after rcureadunlock,...