CVE-2026-31538 in Linuxinformation

Résumé

par MITRE • 24/04/2026

In the Linux kernel, the following vulnerability has been resolved:

smb: server: make use of smbdirect_socket.recv_io.credits.available

The logic off managing recv credits by counting posted recv_io and granted credits is racy.

That's because the peer might already consumed a credit, but between receiving the incoming recv at the hardware and processing the completion in the 'recv_done' functions we likely have a window where we grant credits, which don't really exist.

So we better have a decicated counter for the available credits, which will be incremented when we posted new recv buffers and drained when we grant the credits to the peer.

This fixes regression Namjae reported with the 6.18 release.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

Linux

Réserver

09/03/2026

Divulgation

24/04/2026

Modérer

accepté

Entrée

VDB-359342

CPE

prêt

CWE

CWE-120 (confirmé)

CVSS

8.0 (VulDB)

EPSS

0.00054

KEV

non

Activités

très faible

Secteur

Pharma, Hostingprovider, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-31538
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-31538
CVE Details	https://www.cvedetails.com/cve/CVE-2026-31538/

◂ Précédent Aperçu Suivant ▸

Interested in the pricing of exploits?

See the underground prices here!