QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2026-31608

Back to search

CVE-2026-31608

Published: Apr 24, 2026

Modified: May 23, 2026

PUBLISHED

CVSS v3.1

9.8

CRITICAL

Description

In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list() smb_direct_flush_send_list() already calls smb_direct_free_sendmsg(), so we should not call it again after post_sendmsg() moved it to the batch list.

VendorProductVersions

Linux

Linux

affected
5ef18a2e66f2f33fdac64437bddfb9fe6389fdc7 - < 6968c91fab05b8fc4d6700e0cf34472bb422df25
affected
79242e7b6bc63efec28b7c235bc320806afce6c0 - < 2ba03f46132b0d1a7bafb86e1ef61951a2254023
affected
34abd408c8ba24d7c97bd02ba874d8c714f49db1 - < 830de6eeb9db4cb7e758201fb99328ef4ca4b032
affected
34abd408c8ba24d7c97bd02ba874d8c714f49db1 - < 84ff995ae826aa6bbcc6c7b9ea569ff67c021d72
affected
6.18.11 - < 6.18.24

+1 more versions

Linux

Linux

affected
7.0
unaffected
0 - < 7.0
unaffected
6.18.24 - <= 6.18.*
unaffected
6.19.14 - <= 6.19.*
unaffected
7.0.1 - <= 7.0.*

+1 more versions

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now