CVE-2026-31536

Source
https://cve.org/CVERecord?id=CVE-2026-31536
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31536.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-31536
Downstream
Published
2026-04-24T14:30:24.224Z
Modified
2026-07-08T08:00:27.622869692Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
smb: server: let send_done handle a completion without IB_SEND_SIGNALED
Details

In the Linux kernel, the following vulnerability has been resolved:

smb: server: let senddone handle a completion without IBSEND_SIGNALED

With smbdirectsendbatch processing we likely have requests without IBSENDSIGNALED, which will be destroyed in the final request that has IBSENDSIGNALED set.

If the connection is broken all requests are signaled even without explicit IBSENDSIGNALED.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31536.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0626e6641f6b467447c81dd7678a69c66f7746cf
Fixed
24082642654f3e5149913946e89c00a297a8868f
Fixed
e38b415c024bc3b6321bf8650dbf3f4aab8e74b3
Fixed
9da82dc73cb03e85d716a2609364572367a5ff47

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31536.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.0
Fixed
6.18.11
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31536.json"