Security Advisory

CVE-2026-23226

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-18 14:53:29

Last updated 2026-05-23 16:04:16

Assigner Linux

State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add chann_lock to protect ksmbd_chann_list xarray ksmbd_chann_list xarray lacks synchronization, allowing use-after-free in multi-channel sessions (between lookup_chann_list() and ksmbd_chann_del). Adds rw_semaphore chann_lock to struct ksmbd_session and protects all xa_load/xa_store/xa_erase accesses.

← Browse all CVEs View on cve.org ↗