DEBIAN-CVE-2023-54260

DEBIAN-CVE-2023-54260 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbd_destroy() will directly return, then the connection info will be leaked. Let's set the smb direct connection info to the server before call smbd_destroy().

Affected Products

Vendor	Product	Versions
Debian:14	linux	0, 0, 0
Debian:13	linux	0, 0, 0
Debian:12	linux	0, 0, 0
Debian:11	linux	5.10.140-1, 5.10.148-1, 5.10.149-1

Timeline

Dec 30, 2025 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2023-54260 advisory

Open in Interactive Console →