CVE-2026-43239

Source
https://cve.org/CVERecord?id=CVE-2026-43239
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43239.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-43239
Downstream
Related
Published
2026-05-06T11:28:33.623Z
Modified
2026-07-02T09:29:14.891578264Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
smb: client: prevent races in ->query_interfaces()
Details

In the Linux kernel, the following vulnerability has been resolved:

smb: client: prevent races in ->query_interfaces()

It was possible for two query interface works to be concurrently trying to update the interfaces.

Prevent this by checking and updating ifacelastupdate under iface_lock.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43239.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
aa45dadd34e44fcd6a9df4b395bee5b5633b4cec
Fixed
93e8e3ee165ae4609a1222b516b573837103d2c3
Fixed
ab6564f416a6eaf1199200b6100952407b438f7d
Fixed
6287eefaf21ec805d42f941bd368018cf397a7f5
Fixed
76cc4faba0343c6db945b8dc75425b33d633e1b8
Fixed
c3c06e42e1527716c54f3ad2ced6a034b5f3a489

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43239.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.19.0
Fixed
6.6.128
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.16
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.6

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43239.json"