CVE-2026-43378 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2_open() The opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is dereferenced after rcu_read_unlock(), creating a use-after-free window.

PUBLISHED Reserved 2026-05-01 | Published 2026-05-08 | Updated 2026-05-20 | Assigner Linux

CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Product status

Default status

unaffected

e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 (git) before e1b21e6066615e7d3d3a7aa2677e415e563fd7cc

affected

e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 (git) before b720c84087cb547f23ce03eab93568c1769e4556

affected

e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 (git) before 54b48ae83de8bb06e65079d96368efe359d4909c

affected

e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 (git) before 8f5b1a7cb009a93c48e9e334a2f59a660f9afc07

affected

e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 (git) before 190e5f808e8058640b408ccfed25440b441a718a

affected

e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 (git) before 1e689a56173827669a35da7cb2a3c78ed5c53680

affected

Default status

affected

5.15

affected

Any version before 5.15

unaffected

6.1.167 (semver)

unaffected

6.6.130 (semver)

unaffected

6.12.78 (semver)

unaffected

6.18.19 (semver)

unaffected

6.19.9 (semver)

unaffected

7.0 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/e1b21e6066615e7d3d3a7aa2677e415e563fd7cc

git.kernel.org/...c/b720c84087cb547f23ce03eab93568c1769e4556

git.kernel.org/...c/54b48ae83de8bb06e65079d96368efe359d4909c

git.kernel.org/...c/8f5b1a7cb009a93c48e9e334a2f59a660f9afc07

git.kernel.org/...c/190e5f808e8058640b408ccfed25440b441a718a

git.kernel.org/...c/1e689a56173827669a35da7cb2a3c78ed5c53680

cve.org (CVE-2026-43378)

nvd.nist.gov (CVE-2026-43378)

Download JSON