VDB

CVE-2026-31717

CVE-2026-31717 PUBLISHED

Reported by Linux · Published May 1, 2026

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to hijack an orphaned durable handle by predicting or brute-forcing the persistent ID. According to MS-SMB2, the server MUST verify that the SecurityContext of the reconnect request matches the SecurityContext associated with the existing open. Add a durable_owner structure to ksmbd_file to store the original opener's UID, GID, and account name. and catpure the owner information when a file handle becomes orphaned. and implementing ksmbd_vfs_compare_durable_owner() to validate the identity of the requester during SMB2_CREATE (DHnC).

EPSS 0.06% · 18.7th percentile

Risk Scores

EPSS Score
0.06%
18.7th percentile

Affected Products

VendorProductVersions
LinuxLinuxc8efcc786146a951091588e5fa7e3c754850cb3c, c8efcc786146a951091588e5fa7e3c754850cb3c, c8efcc786146a951091588e5fa7e3c754850cb3c
LinuxLinux6.9, 0, 6.18.25
linuxlinux_kernel6.9, 6.9, 6.9
LinuxLinuxc8efcc786146a951091588e5fa7e3c754850cb3c, c8efcc786146a951091588e5fa7e3c754850cb3c, 8df4bcdb0a4232192b2445256c39b787d58ef14d

Exploit Intelligence

…and 2 more exploits

Timeline

  • May 1, 2026 CVE Published
  • May 3, 2026 CVE Updated
  • May 18, 2026 EPSS Score
  • May 19, 2026 EPSS Score
  • May 20, 2026 EPSS Score
  • May 21, 2026 EPSS Score
  • May 22, 2026 EPSS Score
  • May 23, 2026 EPSS Score
  • May 24, 2026 EPSS Score
  • May 25, 2026 EPSS Score
  • May 26, 2026 EPSS Score
  • May 27, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›