CVE-2026-31608

CRITICAL 9.8

smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list()

CVSS Score

9.8

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list() smb_direct_flush_send_list() already calls smb_direct_free_sendmsg(), so we should not call it again after post_sendmsg() moved it to the batch list.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Apr 24, 2026
Last Updated	May 23, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new critical vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Linux / Linux

5ef18a2e66f2f33fdac64437bddfb9fe6389fdc7 < 6968c91fab05b8fc4d6700e0cf34472bb422df25 79242e7b6bc63efec28b7c235bc320806afce6c0 < 2ba03f46132b0d1a7bafb86e1ef61951a2254023 34abd408c8ba24d7c97bd02ba874d8c714f49db1 < 830de6eeb9db4cb7e758201fb99328ef4ca4b032 34abd408c8ba24d7c97bd02ba874d8c714f49db1 < 84ff995ae826aa6bbcc6c7b9ea569ff67c021d72 6.18.11 < 6.18.24 6.19.1 < 6.19.14

Linux / Linux

7.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/6968c91fab05b8fc4d6700e0cf34472bb422df25 git.kernel.org: https://git.kernel.org/stable/c/2ba03f46132b0d1a7bafb86e1ef61951a2254023 git.kernel.org: https://git.kernel.org/stable/c/830de6eeb9db4cb7e758201fb99328ef4ca4b032 git.kernel.org: https://git.kernel.org/stable/c/84ff995ae826aa6bbcc6c7b9ea569ff67c021d72