CVE-2026-43377

Summary

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: Don't log keys in SMB3 signing and encryption key generation

When KSMBD_DEBUG_AUTH logging is enabled, generate_smb3signingkey() and generate_smb3encryptionkey() log the session, signing, encryption, and decryption key bytes. Remove the logs to avoid exposing credentials.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 < 4084ed720d7d5f4e975c9e4a6267a552dad3b24aaffected
LinuxLinuxe2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 < fec5c70b82af3f59f15bb984df94e5ad1fccfb1eaffected
LinuxLinuxe2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 < 3fe2d9ec166b7df9a8df6c0fdcfc210572e27e3faffected
LinuxLinuxe2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 < 407cc37c21d51f9b9d4d20204b04890880cfa6aeaffected
LinuxLinuxe2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 < c6b01b997a2094969e315f1ebfc1d64b8ae2163daffected
LinuxLinuxe2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 < 441336115df26b966575de56daf7107ed474faedaffected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux6.1.167 <= 6.1.*unaffected
LinuxLinux6.6.130 <= 6.6.*unaffected
LinuxLinux6.12.78 <= 6.12.*unaffected
LinuxLinux6.18.20 <= 6.18.*unaffected
LinuxLinux6.19.9 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References