Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2_unlink() If SMB2_open_init() or SMB2_close_init() fails (e.g. reconnect), the iovs set @rqst will be left uninitialised, hence calling SMB2_open_free(), SMB2_close_free() or smb2_set_related() on them will oops. Fix this by initialising @close_iov and @open_iov before setting them in @rqst.

INFO

Published Date :

2026-03-25T10:26:42.495Z

Last Modified :

2026-04-13T06:03:33.890Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-23282 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23282.

URL Resource
https://git.kernel.org/stable/c/048efe129a297256d3c2088cf8d79515ff5ec864 cve-icon cve-icon
https://git.kernel.org/stable/c/86163b98891aa9800f6103252e5acc7bb98afb91 cve-icon cve-icon
https://git.kernel.org/stable/c/dc710c87af3341554d02d634ada1d2036c49a94a cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23282-bad0@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-23282 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-23282 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact