CVE-2026-31409

HIGH EPSS 36.2%
Published Apr 6, 20262mo ago · Modified Jun 17, 20261w ago
8.8 CVSS 3.1
High
Find Similar
Published Apr 6, 2026 2mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset conn->binding on failed binding request When a multichannel SMB2_SESSION_SETUP request with SMB2_SESSION_REQ_FLAG_BINDING fails ksmbd sets conn->binding = true but never clears it on the error path. This leaves the connection in a binding state where all subsequent ksmbd_session_lookup_all() calls fall back to the global sessions table. This fix it by clearing conn->binding = false in the error path.

CVSS Details

Base Score
8.8
Exploitability
2.8
Impact
5.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
36.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 9

VendorProductVersionRange
linuxlinux_kernel*≥5.15  –  <6.1.167
linuxlinux_kernel*≥6.2  –  <6.6.130
linuxlinux_kernel*≥6.7  –  <6.12.78
linuxlinux_kernel*≥6.13  –  <6.18.20
linuxlinux_kernel*≥6.19  –  <6.19.10
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/282343cf8a4a5a3603b1cb0e17a7083e4a593b03
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6260fc85ed1298a71d24a75d01f8b2e56d489a60
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6ebef4a220a1ebe345de899ebb9ae394206fe921
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7e8b270813079c785696bce8802a3f920665c88c
  • git.kernel.org https://git.kernel.org/stable/c/89afe5e2dbea6e9d8e5f11324149d06fa3a4efca
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9feb2d1bf86d9e5e66b8565f37f8d3a7d281a772
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d073870dab8f6dadced81d13d273ff0b21cb7f4e
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/282343cf8a4a5a3603b1cb0e17a7083e4a593b03
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6260fc85ed1298a71d24a75d01f8b2e56d489a60
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6ebef4a220a1ebe345de899ebb9ae394206fe921
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/89afe5e2dbea6e9d8e5f11324149d06fa3a4efca
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9feb2d1bf86d9e5e66b8565f37f8d3a7d281a772
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d073870dab8f6dadced81d13d273ff0b21cb7f4e
    Patch