CVE-2026-23226Use After Free in Linux

CWE-416Use After Free8 documents8 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 94.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
LinuxLinux Kernel
Timeline
PublishedFeb 18

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add chann_lock to protect ksmbd_chann_list xarray ksmbd_chann_list xarray lacks synchronization, allowing use-after-free in multi-channel sessions (between lookup_chann_list() and ksmbd_chann_del). Adds rw_semaphore chann_lock to struct ksmbd_session and protects all xa_load/xa_store/xa_erase accesses.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

NVDlinux/linux_kernel6.36.18.11+1
Debianlinux/linux_kernel< 6.18.12-1
CVEListV5linux/linux1d9c4172110e645b383ff13eee759728d74f1a5d4c2ca31608521895dd742a43beca4b4d29762345+7

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
OSV
CVE-2026-23226: In the Linux kernel, the following vulnerability has been resolved: ksmbd: add chann_lock to protect ksmbd_chann_list xarray ksmbd_chann_list xarray l2026-02-18
GHSA
GHSA-5jgq-pv8m-5cx7: In the Linux kernel, the following vulnerability has been resolved: ksmbd: add chann_lock to protect ksmbd_chann_list xarray ksmbd_chann_list xarray2026-02-18
CVEList
ksmbd: add chann_lock to protect ksmbd_chann_list xarray2026-02-18

📋Vendor Advisories

3
Red Hat
kernel: ksmbd: add chann_lock to protect ksmbd_chann_list xarray2026-02-18
Microsoft
ksmbd: add chann_lock to protect ksmbd_chann_list xarray2026-02-10
Debian
CVE-2026-23226: linux - In the Linux kernel, the following vulnerability has been resolved: ksmbd: add ...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23226 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23226 — Use After Free in Linux | cvebase