CRITICALCVE-2026-43378Published Modified CNA Linux
CVE-2026-43378: smb: server: fix use-after-free in smb2_open()
In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2_open() The opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is dereferenced after rcu_read_unlock(), creating a use-after-free window.
Metrics
- CVSS v3.1
- 9.8
- Severity
- CRITICAL
- Fixed in
- 0
- Affected Products
- 2
Fix available
0190e5f808e8058640b408ccfed25440b441a718a1e689a56173827669a35da7cb2a3c78ed5c5368054b48ae83de8bb06e65079d96368efe359d4909c6.1.1676.6.1306.12.786.18.196.19.97.08f5b1a7cb009a93c48e9e334a2f59a660f9afc07b720c84087cb547f23ce03eab93568c1769e4556e1b21e6066615e7d3d3a7aa2677e415e563fd7cc
Affected packages
- Linux / Linux< e1b21e6066615e7d3d3a7aa2677e415e563fd7cc (from e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9) · < b720c84087cb547f23ce03eab93568c1769e4556 (from e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9) · < 54b48ae83de8bb06e65079d96368efe359d4909c (from e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9) · < 8f5b1a7cb009a93c48e9e334a2f59a660f9afc07 (from e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9) · < 190e5f808e8058640b408ccfed25440b441a718a (from e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9) · < 1e689a56173827669a35da7cb2a3c78ed5c53680 (from e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9)
- Linux / Linux5.15Fixed in 0, 6.1.167, 6.6.130, 6.12.78, 6.18.19, 6.19.9, 7.0
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H