SB20260529102 - Out-of-bounds read in Linux kernel smb client



SB20260529102 - Out-of-bounds read in Linux kernel smb client

Published: May 29, 2026

Security Bulletin ID SB20260529102
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Remote access
Highest impact Information disclosure

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Out-of-bounds read (CVE-ID: CVE-2026-46185)

CWE-ID: CWE-125 - Out-of-bounds read

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to disclose sensitive information.

The vulnerability exists due to out-of-bounds read in symlink_data() when processing an SMB2 symlink error response. A remote attacker can send a specially crafted SMB2 response to disclose sensitive information.

The issue can occur when the response buffer is shorter than the expected SMB2 error response structure.


Remediation

Install update from vendor's website.