CRITICALCVE-2026-31608Published Modified CNA Linux
CVE-2026-31608: smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list()
In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list() smb_direct_flush_send_list() already calls smb_direct_free_sendmsg(), so we should not call it again after post_sendmsg() moved it to the batch list.
Metrics
- CVSS v3.1
- 9.8
- Severity
- CRITICAL
- Fixed in
- 0
- Affected Products
- 2
Fix available
02ba03f46132b0d1a7bafb86e1ef61951a22540236.18.246.19.146968c91fab05b8fc4d6700e0cf34472bb422df257.0.17.1-rc1830de6eeb9db4cb7e758201fb99328ef4ca4b03284ff995ae826aa6bbcc6c7b9ea569ff67c021d72
Affected packages
- Linux / Linux< 6968c91fab05b8fc4d6700e0cf34472bb422df25 (from 5ef18a2e66f2f33fdac64437bddfb9fe6389fdc7) · < 2ba03f46132b0d1a7bafb86e1ef61951a2254023 (from 79242e7b6bc63efec28b7c235bc320806afce6c0) · < 830de6eeb9db4cb7e758201fb99328ef4ca4b032 (from 34abd408c8ba24d7c97bd02ba874d8c714f49db1) · < 84ff995ae826aa6bbcc6c7b9ea569ff67c021d72 (from 34abd408c8ba24d7c97bd02ba874d8c714f49db1) · < 6.18.24 (from 6.18.11) · < 6.19.14 (from 6.19.1)
- Linux / Linux7.0Fixed in 0, 6.18.24, 6.19.14, 7.0.1, 7.1-rc1
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H