Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2026-52911

Gravedad CVSS v3.1:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
21/06/2026
Última modificación:
08/07/2026

Descripción

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ksmbd: scope conn-&gt;binding slowpath to bound sessions only<br /> <br /> When the binding SESSION_SETUP sets conn-&gt;binding = true, the flag stays<br /> set after the call so that the global session lookup in<br /> ksmbd_session_lookup_all() can find the session, which was not added to<br /> conn-&gt;sessions. Because the flag is connection-wide, the global lookup<br /> path will also resolve any other session by id if asked.<br /> <br /> Tighten the global lookup so that the returned session must have this<br /> connection registered in its channel xarray (sess-&gt;ksmbd_chann_list).<br /> The channel entry is installed by the existing binding_session path in<br /> ntlm_authenticate()/krb5_authenticate() when a SESSION_SETUP completes<br /> successfully, so this condition is a strict equivalent of "this<br /> connection has been accepted as a channel of this session". Connections<br /> that have not bound to a given session cannot reach it via the global<br /> table.<br /> <br /> The existing conn-&gt;binding gate for entering the slowpath is preserved<br /> so that non-binding connections keep the fast-path-only behavior, and<br /> the session-&gt;state check is unchanged.

Productos y versiones vulnerables

CPE Desde Hasta
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.15 (incluyendo) 5.15.209 (excluyendo)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.16 (incluyendo) 6.1.175 (excluyendo)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.2 (incluyendo) 6.6.141 (excluyendo)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.7 (incluyendo) 6.12.91 (excluyendo)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.13 (incluyendo) 6.18.33 (excluyendo)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.19 (incluyendo) 7.0.10 (excluyendo)