Home

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: call ksmbd_vfs_kern_path_end_removing() on some error paths There are two places where ksmbd_vfs_kern_path_end_removing() needs to be called in order to balance what the corresponding successful call to ksmbd_vfs_kern_path_start_removing() has done, i.e. drop inode locks and put the taken references. Otherwise there might be potential deadlocks and unbalanced locks which are caught like: BUG: workqueue leaked lock or atomic: kworker/5:21/0x00000000/7596 last function: handle_ksmbd_work 2 locks held by kworker/5:21/7596: #0: ffff8881051ae448 (sb_writers#3){.+.+}-{0:0}, at: ksmbd_vfs_kern_path_locked+0x142/0x660 #1: ffff888130e966c0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: ksmbd_vfs_kern_path_locked+0x17d/0x660 CPU: 5 PID: 7596 Comm: kworker/5:21 Not tainted 6.1.162-00456-gc29b353f383b #138 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-debian-1.17.0-1 04/01/2014 Workqueue: ksmbd-io handle_ksmbd_work Call Trace: <TASK> dump_stack_lvl+0x44/0x5b process_one_work.cold+0x57/0x5c worker_thread+0x82/0x600 kthread+0x153/0x190 ret_from_fork+0x22/0x30 </TASK> Found by Linux Verification Center (linuxtesting.org).

PUBLISHED Reserved 2026-05-13 | Published 2026-05-27 | Updated 2026-05-27 | Assigner Linux

Product status

Default status
unaffected

9d5012ffe14120f978ee34aef4df3d6cb026b7c4 (git) before 8e3a3192ef78d8302916408d62813b1fddfc8972
affected

ac98d54630d5b52e3f684d872f0d82c06c418ea9 (git) before f221baa80e5959a0c08a7e34abbf2a4d3cf0e1c2
affected

1e858a7a51c7b8b009d8f246de7ceb7743b44a71 (git) before cf29329a13df79c198b45dfc92577638d30b56fa
affected

814cfdb6358d9b84fcbec9918c8f938cc096a43a (git) before 34d6691933682f0516259a31b39d2cebcedec0a5
affected

d5fc1400a34b4ea5e8f2ce296ea12bf8c8421694 (git) before 0c578e8065c4b08d5635a4cbc0f6321df9d20f79
affected

d5fc1400a34b4ea5e8f2ce296ea12bf8c8421694 (git) before 4c38600feb81c670edb82e49d201d3d2d00cd4c3
affected

d5fc1400a34b4ea5e8f2ce296ea12bf8c8421694 (git) before a09dc10d1353f0e92c21eae2a79af1c2b1ddcde8
affected

a7dddd62578c2eb6cb28b8835556a121b5157323 (git)
affected

a726fef6d7d4cfc365d3434e3916dbfe78991a33 (git)
affected

5.15.190 (semver) before 5.15.203
affected

6.1.149 (semver) before 6.1.167
affected

6.6.103 (semver) before 6.6.130
affected

6.12.43 (semver) before 6.12.78
affected

6.15.11 (semver) before 6.16
affected

6.16.2 (semver) before 6.17
affected

Default status
affected

6.17
affected

Any version before 6.17
unaffected

5.15.203 (semver)
unaffected

6.1.167 (semver)
unaffected

6.6.130 (semver)
unaffected

6.12.78 (semver)
unaffected

6.18.17 (semver)
unaffected

6.19.4 (semver)
unaffected

7.0 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/8e3a3192ef78d8302916408d62813b1fddfc8972

git.kernel.org/...c/f221baa80e5959a0c08a7e34abbf2a4d3cf0e1c2

git.kernel.org/...c/cf29329a13df79c198b45dfc92577638d30b56fa

git.kernel.org/...c/34d6691933682f0516259a31b39d2cebcedec0a5

git.kernel.org/...c/0c578e8065c4b08d5635a4cbc0f6321df9d20f79

git.kernel.org/...c/4c38600feb81c670edb82e49d201d3d2d00cd4c3

git.kernel.org/...c/a09dc10d1353f0e92c21eae2a79af1c2b1ddcde8

cve.org (CVE-2026-45924)

nvd.nist.gov (CVE-2026-45924)

Download JSON