CVE-2026-46243

HIGH 7.1

smb: client: reject userspace cifs.spnego descriptions

CVSS Score

7.1

EPSS Score

0.0%

EPSS Percentile

4th

In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcall_target that cifs.upcall treats as kernel-originating inputs. However, userspace can also create keys of this type through request_key(2) or add_key(2), allowing those fields to be supplied without CIFS origin. Only accept cifs.spnego descriptions while CIFS is using its private spnego_cred to request the key.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jun 1, 2026
Last Updated	Jun 5, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new high vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Linux / Linux

f1d662a7d5e5322e583aad6b3cfec03d8f27b435 < 7713bd320ed4fc3d08a227cd8e41242219a16981 f1d662a7d5e5322e583aad6b3cfec03d8f27b435 < 9544559e59438a4b609b2fdfa0763d8360572824 f1d662a7d5e5322e583aad6b3cfec03d8f27b435 < cf20038657d6d4974349556a34e08fe0490bebbc f1d662a7d5e5322e583aad6b3cfec03d8f27b435 < 2035acfb17221729b1b8ac335e941868a04ca079 f1d662a7d5e5322e583aad6b3cfec03d8f27b435 < a3bbda6502a9398b816fa2e71c9a3f955f58013d f1d662a7d5e5322e583aad6b3cfec03d8f27b435 < 91f89c1d83e80417629791fcef6af8140d7d01c8 f1d662a7d5e5322e583aad6b3cfec03d8f27b435 < 0aece6685fc80a8de492688ca2315fb86ec379c7 f1d662a7d5e5322e583aad6b3cfec03d8f27b435 < 3da1fdf4efbc490041eb4f836bf596201203f8f2

Linux / Linux

2.6.24

References

NVD ↗ CVE.org ↗ EPSS Data ↗