CVE-2026-45972

smb: client: fix potential UAF and double free in smb2openfile...

PT-2026-43839

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF and double free issue exists in the SMB client. The problem occurs within the smb2 open file function when retrying SMB2 open. If the data variable is not null, a UA...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: smb/server: fixed a potential null-ptr-deref of leasectxinfo in smb2open A null-ptr-deref will occur when reqoplevel == SMB2OPLOCKLEVELLEASE and parseleasestate returns NULL. This issue can be fixed by checking whether...

SUSE CVE-2026-43378

In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2open The opinfo pointer obtained via rcudereferencefp-fopinfo is dereferenced after rcureadunlock, creating a use-after-free window...

CVE-2026-43378

In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2open The opinfo pointer obtained via rcudereferencefp-fopinfo is dereferenced after rcureadunlock, creating a use-after-free window...

CVE-2026-43378

CVE-2026-43378 affects the Linux kernel SMB server (smb2_open). A use-after-free arises because the opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is dereferenced after rcu_read_unlock(), creating a use-after-free window. Multiple sources (SUSE, Red Hat, Debian OSV, Ubuntu, Debian t...

CVE-2026-43378 smb: server: fix use-after-free in smb2_open()

In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2open The opinfo pointer obtained via rcudereferencefp-fopinfo is dereferenced after rcureadunlock, creating a use-after-free window...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the pointer opinfo obtained through rcudereference in smb2open being rereferenced after rcureadunlock,...

PT-2026-39039

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the SMB server component. The opinfo pointer, obtained through the rcu dereferencefp-f opinfo function, is dereferenced after the rcu read unlock functio...

CVE-2026-31706

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate numaces and harden ACE walk in smbinheritdacl smbinheritdacl trusts the on-disk numaces value from the parent directory's DACL xattr and uses it to size a heap allocation: acesbase = kmallocsizeofstruct smbace...

SUSE CVE-2025-71223

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in smb2open When ksmbdvfsgetattr fails, the reference count of ksmbdfile must be released...

CVE-2025-71223

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in smb2open When ksmbdvfsgetattr fails, the reference count of ksmbdfile must be released...

CVE-2026-23205 smb/client: fix memory leak in smb2_open_file()

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix memory leak in smb2openfile Reproducer: 1. server: directories are exported read-only 2. client: mount -t cifs //$serverip/export /mnt 3. client: dd if=/dev/zero of=/mnt/file bs=512 count=1000 oflag=direct 4...

CVE-2025-71223

CVE-2025-71223 affects the Linux kernel's ksmbd SMB server path (smb2_open and ksmbd_vfs_getattr). The issue is a refcount leak when ksmbd_vfs_getattr() fails, potentially causing resource leakage and local impact. A kernel update fixing the refcount leak is provided by the referenced advisories ...

CVE-2025-71223 smb/server: fix refcount leak in smb2_open()

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in smb2open When ksmbdvfsgetattr fails, the reference count of ksmbdfile must be released...

CVE-2025-71223

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in smb2open When ksmbdvfsgetattr fails, the reference count of ksmbdfile must be released...

Linux Distros Unpatched Vulnerability : CVE-2026-23205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb/client: fix memory leak in smb2openfile Reproducer: 1. server: directories are exported read-only 2. client: mount -t cifs //$serverip/export /mnt 3. client...

kernel: smb/client: fix memory leak in smb2_open_file()

A memory leak flaw was found in the Linux kernel's CIFS/SMB client. In the smb2openfile function, request buffers are not properly freed when performing direct I/O writes to a read-only SMB share. This causes slab cache objects to remain allocated, which can prevent the cifs module from unloading...

DEBIAN-CVE-2023-53061

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible refcount leak in smb2open Reference count of acls will leak when memory allocation fails. Fix this by adding the missing posixaclrelease...

PT-2026-8180

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count leak exists in the smb2 open function within the ksmbd server component of the Linux kernel. This occurs when the ksmbd vfs getattr function fails, and the reference...