CVE-2026-31537

MEDIUM EPSS 2.2%
Published Apr 24, 20262mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Apr 24, 2026 2mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirect_socket.send_io.bcredits It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate (empty) send. In order to fix this we'll have a single 'batch' credit per connection. And code getting that credit is free to use as much messages until remaining_length reaches 0, then the batch credit it given back and the next logical send can happen.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 2

VendorProductVersionRange
linuxlinux_kernel*≥5.15  –  <6.18.11
linuxlinux_kernel*≥6.19  –  <6.19.1

References 3

  • git.kernel.org https://git.kernel.org/stable/c/34abd408c8ba24d7c97bd02ba874d8c714f49db1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5ef18a2e66f2f33fdac64437bddfb9fe6389fdc7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/79242e7b6bc63efec28b7c235bc320806afce6c0
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/34abd408c8ba24d7c97bd02ba874d8c714f49db1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5ef18a2e66f2f33fdac64437bddfb9fe6389fdc7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/79242e7b6bc63efec28b7c235bc320806afce6c0
    Patch