CVE-2026-43215

Source
https://cve.org/CVERecord?id=CVE-2026-43215
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43215.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-43215
Downstream
Published
2026-05-06T11:28:17.425Z
Modified
2026-06-18T03:57:30.077465143Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
cifs: Fix locking usage for tcon fields
Details

In the Linux kernel, the following vulnerability has been resolved:

cifs: Fix locking usage for tcon fields

We used to use the cifstcpseslock to protect a lot of objects that are not just the server, ses or tcon lists. We later introduced srvlock, seslock and tclock to protect fields within the corresponding structs. This was done to provide a more granular protection and avoid unnecessary serialization.

There were still a couple of uses of cifstcpseslock to provide tcon fields. In this patch, I've replaced them with tclock.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43215.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d7d7a66aacd6fd8ca57baf08a7bac5421282f6f8
Fixed
953953abb66e52c224057ab91e404284fefeab62
Fixed
601dd3b79769b38d30b693c40afdb2a4b7edf9d0
Fixed
3969db6b22e3d90d8c5f22ac1a7fe0350a94c136
Fixed
8c59eeeeffa1524ef57e173a89a1a3ff539888d5
Fixed
96c4af418586ee9a6aab61738644366426e05316

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43215.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.0.0
Fixed
6.6.128
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.16
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.6

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43215.json"