Use-After-Free Vulnerability in Linux Kernel's ksmbd Component
CVE-2026-31718

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 May 2026

What is CVE-2026-31718?

A vulnerability exists in the Linux kernel's ksmbd component, which can lead to a use-after-free situation. When a durable file handle persists across a session disconnect, the system may improperly manage byte-range locks associated with that file handle. Specifically, when the durable scavenger attempts to close the file descriptor after a timeout, it fails to correctly handle the cleanup of dangling lock entries due to improper asymmetrical cleanup processes. This issue arises when the connection object is freed while lock entries remain linked to an invalid reference, potentially leading to undefined behavior and memory corruption.

Affected Version(s)

Linux c8efcc786146a951091588e5fa7e3c754850cb3c

Linux c8efcc786146a951091588e5fa7e3c754850cb3c < 3d6682726c2d3a46d31dae88b8166786b09b03ad

Linux c8efcc786146a951091588e5fa7e3c754850cb3c

References

https://git.kernel.org/stable/c/e33c65f011980b4ad4abfd935...

https://git.kernel.org/stable/c/3d6682726c2d3a46d31dae88b...

https://git.kernel.org/stable/c/b34fc42cfe922e551f7a27d3a...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 1, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31718 Data

JSON