HOMEVULNERABILITIESCVE-2026-45924
NONE

CVE-2026-45924

Published: May 27, 2026· Updated: May 27, 2026

Official Description

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: call ksmbd_vfs_kern_path_end_removing() on some error paths

There are two places where ksmbd_vfs_kern_path_end_removing() needs to be

called in order to balance what the corresponding successful call to

ksmbd_vfs_kern_path_start_removing() has done, i.e. drop inode locks and

put the taken references. Otherwise there might be potential deadlocks

and unbalanced locks which are caught like:

BUG: workqueue leaked lock or atomic: kworker/5:21/0x00000000/7596

last function: handle_ksmbd_work

2 locks held by kworker/5:21/7596:

#0: ffff8881051ae448 (sb_writers#3){.+.+}-{0:0}, at: ksmbd_vfs_kern_path_locked+0x142/0x660

#1: ffff888130e966c0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: ksmbd_vfs_kern_path_locked+0x17d/0x660

CPU: 5 PID: 7596 Comm: kworker/5:21 Not tainted 6.1.162-00456-gc29b353f383b #138

Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-debian-1.17.0-1 04/01/2014

Workqueue: ksmbd-io handle_ksmbd_work

Call Trace:

<TASK>

dump_stack_lvl+0x44/0x5b

process_one_work.cold+0x57/0x5c

worker_thread+0x82/0x600

kthread+0x153/0x190

ret_from_fork+0x22/0x30

</TASK>

Found by Linux Verification Center (linuxtesting.org).

NVD Source

Technical Analysis

CVE-2026-45924 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
LinuxDebian
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

All References (7)

Quick Facts

CVE IDCVE-2026-45924
SeverityNONE
CISA KEVNo
PublishedMay 27, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-45924 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.