CVE-2026-23228 PUBLISHED

smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection()

Assigner: Linux
Reserved: 13.01.2026 Published: 18.02.2026 Updated: 18.02.2026

In the Linux kernel, the following vulnerability has been resolved:

smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection()

On kthread_run() failure in ksmbd_tcp_new_connection(), the transport is freed via free_transport(), which does not decrement active_num_conn, leaking this counter.

Replace free_transport() with ksmbd_tcp_disconnect().

Product Status

Vendor	Linux
Product	Linux
Versions	Default: unaffected affected from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 to 787769c8cc50416af7b8b1a36e6bcd6aaa7680aa (excl.) affected from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 to baf664fc90a6139a39a58333e4aaa390c10d45dc (excl.) affected from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 to cd25e0d809531a67e9dd53b19012d27d2b13425f (excl.) affected from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 to 599271110c35f6b16e2e4e45b9fbd47ed378c982 (excl.)

Vendor	Linux
Product	Linux
Versions	Default: affected unaffected from 6.6.125 to 6.6.* (incl.) unaffected from 6.12.72 to 6.12.* (incl.) unaffected from 6.18.11 to 6.18.* (incl.) unaffected from 6.19.1 to 6.19.* (incl.)

CVE-2026-23228 PUBLISHED

smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection()

Product Status

References