In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in smb2_open during durable reconnect
In smb2open, the call to ksmbdputdurablefd(fp) drops the reference to the durable file descriptor early during the durable reconnect process. If an error occurs subsequently (eg, ksmbdiovpinrsp fails) or a scavenger accesses the file, it leads to a use-after-free when accessing fp properties (eg fp->createtime).
Move the single put to the end of the function below errout2 so fp stays valid until smb2open returns.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53010.json",
"cna_assigner": "Linux"
}