CVE-2026-23282 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-23282 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2_unlink() If SMB2_open_init() or SMB2_close_init() fails (e.g. reconnect), the iovs set @rqst will be left uninitialised, hence calling SMB2_open_free(), SMB2_close_free() or smb2_set_related() on them will oops. Fix this by initialising @close_iov and @open_iov before setting them in @rqst.

EPSS 0.02% · 3.9th percentile

Risk Scores

EPSS Score

0.02%

3.9th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	6.17, 6.17, 6.17
Linux	Linux	0, 6.18.17, 6.19.7

Timeline

Mar 25, 2026 EPSS Score
Mar 25, 2026 Coalition ESS Score
Mar 25, 2026 CVE Published
Mar 29, 2026 Security Advisory
Apr 13, 2026 CVE Updated

References

Open in Interactive Console →