SB20260502135 - Improper access control in Linux kernel smb server



SB20260502135 - Improper access control in Linux kernel smb server

Published: May 2, 2026 Updated: May 15, 2026

Security Bulletin ID SB20260502135
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Improper access control (CVE-ID: CVE-2026-31717)

CWE-ID: CWE-284 - Improper Access Control

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear


The vulnerability allows a remote user to hijack an orphaned durable handle.

The vulnerability exists due to improper access control in durable handle reconnect validation in ksmbd when processing SMB2 durable handle reconnect requests. A remote user can predict or brute-force the persistent ID and reconnect to the orphaned handle to hijack an orphaned durable handle.

The issue occurs because the reconnecting user's security context is not verified against the original opener's identity.


Remediation

Install update from vendor's website.