CVE-2026-45924
Awaiting Analysis Awaiting Analysis - Queue
ksmbd Path Handling Missing Cleanup in Linux Kernel

Publication date: 2026-05-27

Last updated on: 2026-05-27

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: ksmbd: call ksmbd_vfs_kern_path_end_removing() on some error paths There are two places where ksmbd_vfs_kern_path_end_removing() needs to be called in order to balance what the corresponding successful call to ksmbd_vfs_kern_path_start_removing() has done, i.e. drop inode locks and put the taken references. Otherwise there might be potential deadlocks and unbalanced locks which are caught like: BUG: workqueue leaked lock or atomic: kworker/5:21/0x00000000/7596 last function: handle_ksmbd_work 2 locks held by kworker/5:21/7596: #0: ffff8881051ae448 (sb_writers#3){.+.+}-{0:0}, at: ksmbd_vfs_kern_path_locked+0x142/0x660 #1: ffff888130e966c0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: ksmbd_vfs_kern_path_locked+0x17d/0x660 CPU: 5 PID: 7596 Comm: kworker/5:21 Not tainted 6.1.162-00456-gc29b353f383b #138 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-debian-1.17.0-1 04/01/2014 Workqueue: ksmbd-io handle_ksmbd_work Call Trace: <TASK> dump_stack_lvl+0x44/0x5b process_one_work.cold+0x57/0x5c worker_thread+0x82/0x600 kthread+0x153/0x190 ret_from_fork+0x22/0x30 </TASK> Found by Linux Verification Center (linuxtesting.org).
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-27
Last Modified
2026-05-27
Generated
2026-06-16
AI Q&A
2026-05-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-45924
EUVD
EUVD-2026-32390
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel 6.1.162-00456-gc29b353f383b
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's ksmbd component, where a function called ksmbd_vfs_kern_path_end_removing() is not called on some error paths. This function is necessary to balance the earlier call to ksmbd_vfs_kern_path_start_removing(), which manages inode locks and reference counts.

Because ksmbd_vfs_kern_path_end_removing() is missing in some error scenarios, it can lead to unbalanced locks and references, potentially causing deadlocks or lock leaks in the kernel workqueue handling ksmbd operations.

The issue was identified by the Linux Verification Center and manifests as kernel bugs related to leaked locks or atomic operations during ksmbd work processing.

Impact Analysis

This vulnerability can cause deadlocks or lock leaks within the Linux kernel when handling SMB daemon (ksmbd) operations. Such kernel-level deadlocks may lead to system instability, degraded performance, or crashes.

If your system relies on the ksmbd service for SMB file sharing, this issue could disrupt file sharing services or cause unexpected system behavior.

Detection Guidance

This vulnerability can be detected by monitoring the Linux kernel logs for specific error messages related to ksmbd workqueue lock leaks and unbalanced locks.

Look for kernel log entries similar to the following, which indicate the presence of the issue:

  • BUG: workqueue leaked lock or atomic: kworker/5:21/0x00000000/7596
  • last function: handle_ksmbd_work
  • Locks held by kworker threads such as sb_writers and i_mutex_dir_key

You can use the following command to check kernel logs for these messages:

  • dmesg | grep -i 'workqueue leaked lock'
  • journalctl -k | grep -i 'ksmbd'

Additionally, monitoring for deadlocks or unusual behavior in ksmbd-related processes may help detect the vulnerability.

Mitigation Strategies

The vulnerability is resolved by ensuring that the function ksmbd_vfs_kern_path_end_removing() is called on all error paths to properly balance inode locks and references.

Immediate mitigation steps include:

  • Update the Linux kernel to a version that includes the fix for this vulnerability.
  • If updating is not immediately possible, monitor kernel logs for signs of the issue and consider restarting the ksmbd service or affected systems to clear potential deadlocks.
  • Avoid heavy ksmbd workloads that might trigger the bug until the patch is applied.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-45924. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart