CVE-2026-53198

medium Red Hat
EPSS Score
0.2%
Exploitation probability in 30 days
Top 92% most likely to be exploited
Published: June 25, 2026 (14 days ago)
Last Modified: June 25, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in ksmbd, a Linux kernel module that provides an in-kernel SMB server. An authenticated SMB client can trigger a use-after-free vulnerability by sending a double SMB2_CANCEL request for the same asynchronous operation. This can lead to memory corruption, potentially allowing an attacker to cause a denial of service or execute arbitrary code.

CWE

CWE-1341

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References