In the Linux kernel, the following vulnerability has been resolved:
ksmbd: validate mech token in session setup
If client send invalid mech token in session setup request, ksmbd validate and make the error if it is invalid.
{ "urgency": "not yet assigned" }