CVE-2026-23282 PUBLISHED

smb: client: fix oops due to uninitialised var in smb2_unlink()

Assigner: Linux
Reserved: 13.01.2026 Published: 25.03.2026 Updated: 25.03.2026

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix oops due to uninitialised var in smb2_unlink()

If SMB2_open_init() or SMB2_close_init() fails (e.g. reconnect), the iovs set @rqst will be left uninitialised, hence calling SMB2_open_free(), SMB2_close_free() or smb2_set_related() on them will oops.

Fix this by initialising @close_iov and @open_iov before setting them in @rqst.

Product Status

Vendor	Linux
Product	Linux
Versions	Default: unaffected affected from 1cf9f2a6a544288516a7b9e883a48eba6246bcf2 to 86163b98891aa9800f6103252e5acc7bb98afb91 (excl.) affected from 1cf9f2a6a544288516a7b9e883a48eba6246bcf2 to dc710c87af3341554d02d634ada1d2036c49a94a (excl.) affected from 1cf9f2a6a544288516a7b9e883a48eba6246bcf2 to 048efe129a297256d3c2088cf8d79515ff5ec864 (excl.)

Vendor	Linux
Product	Linux
Versions	Default: affected Version 6.17 is affected unaffected from 0 to 6.17 (excl.) unaffected from 6.18.17 to 6.18.* (incl.) unaffected from 6.19.7 to 6.19.* (incl.) unaffected from 7.0-rc3 to * (incl.)

CVE-2026-23282 PUBLISHED

smb: client: fix oops due to uninitialised var in smb2_unlink()

Product Status

References