CVE-2026-45972
Published: May 27, 2026
Modified: May 30, 2026
CVSS v3.1
9.8
Description
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF and double free in smb2_open_file() Zero out @err_iov and @err_buftype before retrying SMB2_open() to prevent an UAF bug if @data != NULL, otherwise a double free.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 743f70406264348c0830f38409eb6c40a42fb2db - < 96e53bb3ee2f354cf6b4ab07bcc56e500f8b3f74affected 3a6d6b332f92990958602c1e35ce0173e2dd62e9 - < 7425453ea16dbc3bbb0f6cac4d60b537e5e4d151affected b64e3b5d8d759dd4333992e4ba4dadf9359952c8 - < 4d339b219004869e96c4ce56b8891f83a38da4c0affected 9ee608a64e37cea5b4b13e436c559dd0fb2ad1b5 - < e66dcf7bb9c4df5582c82bc3582725abcbfbea73affected e3a43633023e3cacaca60d4b8972d084a2b06236 - < 639deb962986ef2f5e2a6d5a600c66f922471e81+5 more versions |
Linux | Linux | affected 6.19unaffected 0 - < 6.19unaffected 6.1.165 - <= 6.1.*unaffected 6.6.128 - <= 6.6.*unaffected 6.12.75 - <= 6.12.*+3 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now