Kernel: ksmbd Counter Leak (CVE-2026-23228)
CVE-2026-23228 Published on February 18, 2026
smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection()
In the Linux kernel, the following vulnerability has been resolved:
smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection()
On kthread_run() failure in ksmbd_tcp_new_connection(), the transport is
freed via free_transport(), which does not decrement active_num_conn,
leaking this counter.
Replace free_transport() with ksmbd_tcp_disconnect().
Products Associated with CVE-2026-23228
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-23228 are published in Linux Kernel:
Affected Versions
Linux:- Version 4210c3555db4b38bade92331b153e583261f05f9 and below 6dd2645cf080a75be31fa66063c7332b291f46f0 is affected.
- Version d5d7847e57ac69fa99c18b363a34419bcdb5a281 and below 7ddd69cd1338c6197e1b6b19cec60d99c8633e4f is affected.
- Version 0d0d4680db22eda1eea785c47bbf66a9b33a8b16 and below 787769c8cc50416af7b8b1a36e6bcd6aaa7680aa is affected.
- Version 0d0d4680db22eda1eea785c47bbf66a9b33a8b16 and below baf664fc90a6139a39a58333e4aaa390c10d45dc is affected.
- Version 0d0d4680db22eda1eea785c47bbf66a9b33a8b16 and below cd25e0d809531a67e9dd53b19012d27d2b13425f is affected.
- Version 0d0d4680db22eda1eea785c47bbf66a9b33a8b16 and below 599271110c35f6b16e2e4e45b9fbd47ed378c982 is affected.
- Version 0d0d4680db22eda1eea785c47bbf66a9b33a8b16 and below 77ffbcac4e569566d0092d5f22627dfc0896b553 is affected.
- Version 6.2 is affected.
- Before 6.2 is unaffected.
- Version 5.15.201, <= 5.15.* is unaffected.
- Version 6.1.164, <= 6.1.* is unaffected.
- Version 6.6.125, <= 6.6.* is unaffected.
- Version 6.12.72, <= 6.12.* is unaffected.
- Version 6.18.11, <= 6.18.* is unaffected.
- Version 6.19.1, <= 6.19.* is unaffected.
- Version 7.0-rc1, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.