CVE-2026-43239
Kernel Race Condition in SMB Client Component
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
| linux_kernel | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's SMB client implementation. It involves a race condition in the function responsible for querying interfaces (->query_interfaces()). Specifically, two concurrent query interface operations could attempt to update the interfaces at the same time, leading to potential inconsistencies or unexpected behavior.
The issue was resolved by adding a mechanism to check and update the iface_last_update variable while holding a lock (iface_lock), preventing concurrent updates and thus eliminating the race condition.
How can this vulnerability impact me? :
This vulnerability could lead to race conditions when multiple SMB client queries attempt to update interface information simultaneously. Such race conditions might cause inconsistent or corrupted interface data, potentially resulting in unexpected behavior or instability in SMB client operations on affected Linux systems.