CVE-2026-43378
Linux Kernel SMB Server Use-After-Free Vulnerability
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a use-after-free issue in the Linux kernel's SMB server component, specifically in the smb2_open() function.
The problem occurs because a pointer named opinfo, which is obtained via rcu_dereference(fp->f_opinfo), is accessed after the rcu_read_unlock() call. This creates a window where the pointer may reference freed memory, leading to a use-after-free condition.
How can this vulnerability impact me? :
A use-after-free vulnerability can lead to unpredictable behavior including system crashes, data corruption, or potential execution of arbitrary code by an attacker.
In this case, since it affects the SMB server in the Linux kernel, an attacker might exploit this flaw to compromise the server's stability or security, potentially gaining unauthorized access or causing denial of service.