CVE-2026-31409
PUBLISHED
In the Linux kernel, the following vulnerability has been resolved:

ksmbd: unset conn->binding on failed binding request

When a multichannel SMB2_SESSION_SETUP request with SMB2_SESSION_REQ_FLAG_BINDING fails, ksmbd sets conn->binding = true but never clears it on the error path. This leaves the connection in a binding state where all subsequent ksmbd_session_lookup_all() calls fall back to the global sessions table. Fix it by clearing conn->binding = false in the error path.
Risk Scores
EPSS Score: 0.03% (10.6th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 6.1.167, 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 |
| linux | linux_kernel | 0, 0, 0 |
Timeline
- Apr 6, 2026 CVE Published
- Apr 6, 2026 PoC Published
- Apr 6, 2026 Security Advisory
- Apr 27, 2026 CVE Updated
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score
- May 23, 2026 EPSS Score
- May 24, 2026 EPSS Score
- May 25, 2026 EPSS Score
References
- https://git.kernel.org/stable/c/d073870dab8f6dadced81d13d273ff0b21cb7f4e url
- https://git.kernel.org/stable/c/6ebef4a220a1ebe345de899ebb9ae394206fe921 url
- https://git.kernel.org/stable/c/89afe5e2dbea6e9d8e5f11324149d06fa3a4efca url
- https://git.kernel.org/stable/c/9feb2d1bf86d9e5e66b8565f37f8d3a7d281a772 url
- https://git.kernel.org/stable/c/6260fc85ed1298a71d24a75d01f8b2e56d489a60 url
- https://git.kernel.org/stable/c/282343cf8a4a5a3603b1cb0e17a7083e4a593b03 url
- https://nvd.nist.gov/vuln/detail/CVE-2026-31409 advisory
- https://lists.debian.org/debian-lts-announce/2026/05/msg00004.html advisory
- https://lists.debian.org/debian-lts-announce/2026/05/msg00005.html advisory
- https://lists.debian.org/debian-security-announce/2026/msg00154.html advisory
- https://lists.debian.org/debian-security-announce/2026/msg00148.html advisory