CVE-2026-23427 — Expired Pointer Dereference in Linux

CWE-825 — Expired Pointer Dereference6 documents6 sources

Severity

—N/A

No vector

EPSS

0.0%

top 93.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedApr 3

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in durable v2 replay of active file handles parse_durable_handle_context() unconditionally assigns dh_info->fp->conn to the current connection when handling a DURABLE_REQ_V2 context with SMB2_FLAGS_REPLAY_OPERATION. ksmbd_lookup_fd_cguid() does not filter by fp->conn, so it returns file handles that are already actively connected. The unconditional overwrite replaces fp->conn, and when the overwriting…

Affected Packages3 packages

▶debiandebian/linux< linux 6.19.10-1 (forky)

▶Debianlinux/linux_kernel< 6.19.10-1

▶CVEListV5linux/linux8df4bcdb0a4232192b2445256c39b787d58ef14d — b0158d9d6f4ec5941e49a0b812735db2844f9975+5

🔴Vulnerability Details

GHSA

GHSA-vrjp-x986-3fqm: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in durable v2 replay of active file handles parse_dura↗2026-04-03

▶

OSV

CVE-2026-23427: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in durable v2 replay of active file handles parse_durabl↗2026-04-03

▶

📋Vendor Advisories

Red Hat

kernel: ksmbd: fix use-after-free in durable v2 replay of active file handles↗2026-04-03

▶

Debian

CVE-2026-23427: linux - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix ...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-23427 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶