CVE-2026-23282

Summary

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix oops due to uninitialised var in smb2_unlink()

If SMB2_open_init() or SMB2_close_init() fails (e.g. reconnect), the iovs set @rqst will be left uninitialised, hence calling SMB2_open_free(), SMB2_close_free() or smb2_set_related() on them will oops.

Fix this by initialising @close_iov and @open_iov before setting them in @rqst.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1cf9f2a6a544288516a7b9e883a48eba6246bcf2 < 86163b98891aa9800f6103252e5acc7bb98afb91affected
LinuxLinux1cf9f2a6a544288516a7b9e883a48eba6246bcf2 < dc710c87af3341554d02d634ada1d2036c49a94aaffected
LinuxLinux1cf9f2a6a544288516a7b9e883a48eba6246bcf2 < 048efe129a297256d3c2088cf8d79515ff5ec864affected
LinuxLinux6.17affected
LinuxLinux0 < 6.17unaffected
LinuxLinux6.18.17 <= 6.18.*unaffected
LinuxLinux6.19.7 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References