CVE-2026-23220
Severity
5.5MEDIUM
EPSS
0.0%
top 94.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 18
Description
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths
The problem occurs when a signed request fails smb2 signature verification
check. In __process_request(), if check_sign_req() returns an error,
set_smb2_rsp_status(work, STATUS_ACCESS_DENIED) is called.
set_smb2_rsp_status() set work->next_smb2_rcv_hdr_off as zero. By resetting
next_smb2_rcv_hdr_off to zero, the pointer to the next command in the cha…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages4 packages
▶CVEListV5linux/linux943cebf9ea3415ddefcd670d24d8883e97ba3d60 — fb3b66bd72deb5543addaefa67963b34fb163a7b+7
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-9wwr-2jh3-482p: In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths
Th↗2026-02-18
OSV▶
CVE-2026-23220: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths The↗2026-02-18
📋Vendor Advisories
3Red Hat
▶
Debian▶
CVE-2026-23220: linux - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix ...↗2026