QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2026-31609

Back to search

CVE-2026-31609

Published: Apr 24, 2026

Modified: May 23, 2026

PUBLISHED

CVSS v3.1

9.8

CRITICAL

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush() smbd_send_batch_flush() already calls smbd_free_send_io(), so we should not call it again after smbd_post_send() moved it to the batch list.

VendorProductVersions

Linux

Linux

affected
cca0526ef2344cab6944d7f441fc24e152da031b - < a9940dcbe5cb92482c04efc7341039ddf7dbf607
affected
37b5c06956183b65e6808b509cf637632016cdf7 - < 22b7c1c619d808aec4cad3dc42103345e370d107
affected
21538121efe6c8c5b51c742fa02cbe820bc48714 - < f9a162c2bbcd0ac85bd07c5b37cf20286048b65c
affected
21538121efe6c8c5b51c742fa02cbe820bc48714 - < 27b7c3e916218b5eb2ee350211140e961bfc49be
affected
6.18.11 - < 6.18.24

+1 more versions

Linux

Linux

affected
7.0
unaffected
0 - < 7.0
unaffected
6.18.24 - <= 6.18.*
unaffected
6.19.14 - <= 6.19.*
unaffected
7.0.1 - <= 7.0.*

+1 more versions

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now