CVE-2026-23205 is a vulnerability in Linux Kernel

CVE-2026-23205 is a vulnerability in Linux Kernel
Published on February 14, 2026

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix memory leak in smb2_open_file() Reproducer: 1. server: directories are exported read-only 2. client: mount -t cifs //${server_ip}/export /mnt 3. client: dd if=/dev/zero of=/mnt/file bs=512 count=1000 oflag=direct 4. client: umount /mnt 5. client: sleep 1 6. client: modprobe -r cifs The error message is as follows: ============================================================================= BUG cifs_small_rq (Not tainted): Objects remaining on __kmem_cache_shutdown() ----------------------------------------------------------------------------- Object 0x00000000d47521be @offset=14336 ... WARNING: mm/slub.c:1251 at __kmem_cache_shutdown+0x34e/0x440, CPU#0: modprobe/1577 ... Call Trace: <TASK> kmem_cache_destroy+0x94/0x190 cifs_destroy_request_bufs+0x3e/0x50 [cifs] cleanup_module+0x4e/0x540 [cifs] __se_sys_delete_module+0x278/0x400 __x64_sys_delete_module+0x5f/0x70 x64_sys_call+0x2299/0x2ff0 do_syscall_64+0x89/0x350 entry_SYSCALL_64_after_hwframe+0x76/0x7e ... kmem_cache_destroy cifs_small_rq: Slab cache still has objects when called from cifs_destroy_request_bufs+0x3e/0x50 [cifs] WARNING: mm/slab_common.c:532 at kmem_cache_destroy+0x16b/0x190, CPU#0: modprobe/1577

Products Associated with CVE-2026-23205

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-23205 are published in Linux Kernel:

Affected Versions

Version 17e53a15e64b65623b8f2b1185d27d7b1cbf69ab and below 743f70406264348c0830f38409eb6c40a42fb2db is affected.

Version 18066188eb90cc0c798f3370a8078a79ddb73f70 and below 3a6d6b332f92990958602c1e35ce0173e2dd62e9 is affected.

Version 6ebb9d54eccc8026b386e76eff69364d33373da5 and below b64e3b5d8d759dd4333992e4ba4dadf9359952c8 is affected.

Version e255612b5ed9f179abe8196df7c2ba09dd227900 and below 9ee608a64e37cea5b4b13e436c559dd0fb2ad1b5 is affected.

Version e255612b5ed9f179abe8196df7c2ba09dd227900 and below e3a43633023e3cacaca60d4b8972d084a2b06236 is affected.

Version bcd15f06c7e8904116cfb06526bcc189b86aff85 is affected.

Version 6.15 is affected.

Before 6.15 is unaffected.

Version 6.1.163, <= 6.1.* is unaffected.

Version 6.6.124, <= 6.6.* is unaffected.

Version 6.12.70, <= 6.12.* is unaffected.

Version 6.18.10, <= 6.18.* is unaffected.

Version 6.19, <= * is unaffected.

CVE-2026-23205 is a vulnerability in Linux KernelPublished on February 14, 2026

Products Associated with CVE-2026-23205

Affected Versions

CVE-2026-23205 is a vulnerability in Linux Kernel
Published on February 14, 2026