Vulnerability Report

CVE-2026-46243

Title: Linux kernel cifs.spnego key description bypass

Input Validation Error

Proof Of Concept

PoC Available for CVE-2026-46243

CWE Category NVD-CWE-noinfo
Published Date Jun 01, 2026
Modified Date Jun 09, 2026
Exploit Status Available
Score 7.1 CVSS v
Exploit Probability (EPSS)
0.14%

Vulnerability Summary

CVE-2026-46243: In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcall_target that cifs.upcall treats as kernel-originating inputs. However, userspace can also create keys of this type through request_key(2) or add_key(2), allowing those fields to be supplied without CIFS origin. Only accept cifs.spnego descriptions while CIFS is using its private spnego_cred to request the key.

Impacted Vendors

L
linux 1
U
ubuntu 1

Reference Links

https://git.kernel.org/stable/c/0aece6685fc80a8de492688ca2315fb86ec379c7 https://git.kernel.org/stable/c/2035acfb17221729b1b8ac335e941868a04ca079 https://git.kernel.org/stable/c/3da1fdf4efbc490041eb4f836bf596201203f8f2 https://git.kernel.org/stable/c/7713bd320ed4fc3d08a227cd8e41242219a16981 https://git.kernel.org/stable/c/91f89c1d83e80417629791fcef6af8140d7d01c8 https://git.kernel.org/stable/c/9544559e59438a4b609b2fdfa0763d8360572824 https://git.kernel.org/stable/c/a3bbda6502a9398b816fa2e71c9a3f955f58013d https://git.kernel.org/stable/c/cf20038657d6d4974349556a34e08fe0490bebbc
CVSS v3.1
Source Entity 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Severity HIGH
7.1
Attack Vector
LOCAL
Complexity
LOW
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CVSS v3.1
Source Entity 134c704f-9b21-4f2e-91b3-4a467353bcc0
Severity HIGH
7.8
Attack Vector
LOCAL
Complexity
LOW
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2026-46243 Exploits & PoCs (Proof Of Concept)

GitHub https://github.com/liamromanis101/cifswitch-check
View Code
GitHub https://github.com/Koshmare-Blossom/CIFSwitch-go
View Code
MODIFIED

Vulnerability data updated via NVD.

MODIFIED

Vulnerability data updated via NVD.

MODIFIED

Vulnerability data updated via NVD.

MODIFIED

Vulnerability data updated via NVD.

MODIFIED

Vulnerability data updated via NVD.

Attack Vector Matrix

Access Vector LOCAL
Complexity LOW
Privileges N/A
Interaction NONE
CVSS Vector String CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Affected Stack

No specific products linked.