CVE-2026-46243
Vulnerability Summary
Timeline
Description
In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcall_target that cifs.upcall treats as kernel-originating inputs. However, userspace can also create keys of this type through request_key(2) or add_key(2), allowing those fields to be supplied without CIFS origin. Only accept cifs.spnego descriptions while CIFS is using its private spnego_cred to request the key.
CVSS Metrics
- v3.1•HIGH•Score: 7.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS Trends
Current EPSS score: 0.14%• Percentile: 4%
Techniques & Countermeasures
- CWE-20•Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Affected Systems
- linux•linux
≥ f1d662a7d5e5322e583aad6b3cfec03d8f27b435, < 7713bd320ed4fc3d08a227cd8e41242219a16981 | ≥ f1d662a7d5e5322e583aad6b3cfec03d8f27b435, < 9544559e59438a4b609b2fdfa0763d8360572824 | ≥ f1d662a7d5e5322e583aad6b3cfec03d8f27b435, < cf20038657d6d4974349556a34e08fe0490bebbc | ≥ f1d662a7d5e5322e583aad6b3cfec03d8f27b435, < 2035acfb17221729b1b8ac335e941868a04ca079 | ≥ f1d662a7d5e5322e583aad6b3cfec03d8f27b435, < a3bbda6502a9398b816fa2e71c9a3f955f58013d | ≥ f1d662a7d5e5322e583aad6b3cfec03d8f27b435, < 91f89c1d83e80417629791fcef6af8140d7d01c8 | ≥ f1d662a7d5e5322e583aad6b3cfec03d8f27b435, < 0aece6685fc80a8de492688ca2315fb86ec379c7 | ≥ f1d662a7d5e5322e583aad6b3cfec03d8f27b435, < 3da1fdf4efbc490041eb4f836bf596201203f8f2 | 2.6.24
- linux•linux_kernel
≥ 2.6.24.1, < 5.10.258 | ≥ 5.11, < 5.15.209 | ≥ 5.16, < 6.1.175 | ≥ 6.2, < 6.6.142 | ≥ 6.7, < 6.12.92 | ≥ 6.13, < 6.18.34 | ≥ 6.19, < 7.0.11 | 2.6.24 | 2.6.24:rc3 | 2.6.24:rc4 | 2.6.24:rc5 | 2.6.24:rc6 | 2.6.24:rc7 | 2.6.24:rc8 | 7.1:rc1 | 7.1:rc2 | 7.1:rc3 | 7.1:rc4
References (10)
- https://git.kernel.org/stable/c/7713bd320ed4fc3d08a227cd8e41242219a16981
- https://git.kernel.org/stable/c/9544559e59438a4b609b2fdfa0763d8360572824
- https://git.kernel.org/stable/c/cf20038657d6d4974349556a34e08fe0490bebbc
- https://git.kernel.org/stable/c/2035acfb17221729b1b8ac335e941868a04ca079
- https://git.kernel.org/stable/c/a3bbda6502a9398b816fa2e71c9a3f955f58013d
- https://git.kernel.org/stable/c/91f89c1d83e80417629791fcef6af8140d7d01c8
- https://git.kernel.org/stable/c/0aece6685fc80a8de492688ca2315fb86ec379c7
- https://git.kernel.org/stable/c/3da1fdf4efbc490041eb4f836bf596201203f8f2
- https://github.com/manizada/CIFSwitch
- http://www.openwall.com/lists/oss-security/2026/06/01/6