CVE-2026-31537 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirect_socket.send_io.bcredits It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate (empty) send. In order to fix this we'll have a single 'batch' credit per connection. And code getting that credit is free to use as much messages until remaining_length reaches 0, then the batch credit it given back and the next logical send can happen.

PUBLISHED Reserved 2026-03-09 | Published 2026-04-24 | Updated 2026-04-25 | Assigner Linux

Product status

Default status

unaffected

0626e6641f6b467447c81dd7678a69c66f7746cf (git) before 5ef18a2e66f2f33fdac64437bddfb9fe6389fdc7

affected

0626e6641f6b467447c81dd7678a69c66f7746cf (git) before 79242e7b6bc63efec28b7c235bc320806afce6c0

affected

0626e6641f6b467447c81dd7678a69c66f7746cf (git) before 34abd408c8ba24d7c97bd02ba874d8c714f49db1

affected

Default status

affected

5.15

affected

Any version before 5.15

unaffected

6.18.11 (semver)

unaffected

6.19.1 (semver)

unaffected

7.0 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/5ef18a2e66f2f33fdac64437bddfb9fe6389fdc7

git.kernel.org/...c/79242e7b6bc63efec28b7c235bc320806afce6c0

git.kernel.org/...c/34abd408c8ba24d7c97bd02ba874d8c714f49db1

cve.org (CVE-2026-31537)

nvd.nist.gov (CVE-2026-31537)

Download JSON

help @ threatint.eu