{“lastseen”:””,”description”:”In the Linux kernel, the following vulnerability has been resolved:\\n\\nksmbd: scope conn-\\u003ebinding slowpath to bound sessions only\\n\\nWhen the binding SESSION_SETUP sets conn-\\u003ebinding = true, the flag stays\\nset after the call so that the global session lookup in\\nksmbd_session_lookup_all() can find the session, which was not added to\\nconn-\\u003esessions. Because the flag is connection-wide, the global lookup\\npath will also resolve any other session by id if asked.\\n\\nTighten the global lookup so that the returned session must have this\\nconnection registered in its channel xarray (sess-\\u003eksmbd_chann_list).\\nThe channel entry is installed by the existing binding_session path in\\nntlm_authenticate()\/krb5_authenticate() when a SESSION_SETUP completes\\nsuccessfully, so this condition is a strict equivalent of \\”this\\nconnection has been accepted as a channel of this session\\”. Connections\\nthat have not bound to a given session cannot reach it via the global\\ntable.\\n\\nThe existing conn-\\u003ebinding gate for entering the slowpath is preserved\\nso that non-binding connections keep the fast-path-only behavior, and\\nthe session-\\u003estate check is unchanged.”,”published”:”2026-06-21T06:18:49.342Z”,”modified”:”2026-06-28T06:36:29.042Z”,”type”:”cve”,”title”:”ksmbd: scope conn-\\u003ebinding slowpath to bound sessions only”,”source”:”Linux”,”references”:”https:\/\/git.kernel.org\/stable\/c\/e74c00c6af428a39e564cdc5bd3a3648c6d8de87\\nhttps:\/\/git.kernel.org\/stable\/c\/e3a93ce6e25757b8f375e38b8f91e1d9da4edc1a\\nhttps:\/\/git.kernel.org\/stable\/c\/1ff46c9915c1cbf454db58a8cb87f7cac818e6a6\\nhttps:\/\/git.kernel.org\/stable\/c\/974c1c224e85549dc3459f3bb2255bbbdd2b9372\\nhttps:\/\/git.kernel.org\/stable\/c\/2cc8a4db633b10715450b291c1343859a4b2c509\\nhttps:\/\/git.kernel.org\/stable\/c\/1e2bec062c5c9ec282636715166056d0998d746d\\nhttps:\/\/git.kernel.org\/stable\/c\/b0da97c034b6107d14e537e212d4ce8b22109a58″,”id”:”CVE-2026-52911″,”bulletinFamily”:””,”cwe”:null,”cvelist”:null,”sourceData”:”Linux Linux f5a544e3bab78142207e0242d22442db85ba1eff\\nLinux Linux f5a544e3bab78142207e0242d22442db85ba1eff\\nLinux Linux f5a544e3bab78142207e0242d22442db85ba1eff\\nLinux Linux f5a544e3bab78142207e0242d22442db85ba1eff\\nLinux Linux f5a544e3bab78142207e0242d22442db85ba1eff\\nLinux Linux f5a544e3bab78142207e0242d22442db85ba1eff\\nLinux Linux f5a544e3bab78142207e0242d22442db85ba1eff\\nLinux Linux 5.15″,”sourceHref”:””,”cvss”:{“score”:8.8,”severity”:”HIGH”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Linux”,”version”:”f5a544e3bab78142207e0242d22442db85ba1eff”,”vendor”:”Linux”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”In the Linux kernel, the following vulnerability has been resolved:\\n\\nksmbd: scope conn-\\u003ebinding slowpath to bound sessions only\\n\\nWhen the binding SESSION_SETUP sets conn-\\u003ebinding = true, the…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,41,12,15,13,7,11,5],"class_list":["post-66641","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-88","tag-exploit","tag-high","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n