VYPR
Medium severity5.5NVD Advisory· Published Feb 18, 2026· Updated Jun 2, 2026

CVE-2026-23228

CVE-2026-23228

Description

In the Linux kernel, the following vulnerability has been resolved:

smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection()

On kthread_run() failure in ksmbd_tcp_new_connection(), the transport is freed via free_transport(), which does not decrement active_num_conn, leaking this counter.

Replace free_transport() with ksmbd_tcp_disconnect().

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • Linux/Kernel7 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=5.15.91,<5.15.201
    • cpe:2.3:o:linux:linux_kernel:6.2:-:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.2:rc8:*:*:*:*:*:*
    • (no CPE)
    • (no CPE)range: 6.2

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.