Back to search
CVE-2026-23303
Published: Mar 25, 2026
Modified: May 11, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifs_set_cifscreds When debug logging is enabled, cifs_set_cifscreds() logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing credentials.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 8a8798a5ff90977d6459ce1d657cf8fe13a51e97 - < e5a3b11e07b335006371915b2da47b6056c9e3bcaffected 8a8798a5ff90977d6459ce1d657cf8fe13a51e97 - < 54c570de9a35860dfa85fe668f23ddfda8cc7e26affected 8a8798a5ff90977d6459ce1d657cf8fe13a51e97 - < ff0ece8ed04180c52167c003362284b23cf54e8daffected 8a8798a5ff90977d6459ce1d657cf8fe13a51e97 - < 3990f352bb0adc8688d0949a9c13e3110570eb61affected 8a8798a5ff90977d6459ce1d657cf8fe13a51e97 - < b746a357abfb8fdb0a171d51ec5091e786d34be1+3 more versions |
Linux | Linux | affected 3.3unaffected 0 - < 3.3unaffected 5.10.253 - <= 5.10.*unaffected 5.15.203 - <= 5.15.*unaffected 6.1.167 - <= 6.1.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now