CVE-2026-31608
🟠 Patch this week
A double free in the Linux kernel's SMB code can lead to a system crash.
CVSS: 9.8
EPSS: 0.1%
Exploit: none
Vendor: linux
Source description (NVD)
In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list() smb_direct_flush_send_list() already calls smb_direct_free_sendmsg(), so we should not call it again after post_sendmsg() moved it to the batch list.
none
No patch
Sources and dates
| Source | Value |
|---|---|
| NVD – CVSS | 9.8 |
| CISA KEV (actively exploited) | No |
| FIRST EPSS (exploit probability) | 0.1% |
| Published (NVD) | 2026-04-24 15:16:40 UTC |
| Last modified (NVD) | 2026-04-29 20:03:44 UTC |
References
- https://git.kernel.org/stable/c/2ba03f46132b0d1a7bafb86e1ef61951a2254023 (416baaa9-dc9f-4396-8d5f-8c081fb06d67) [Patch]
- https://git.kernel.org/stable/c/6968c91fab05b8fc4d6700e0cf34472bb422df25 (416baaa9-dc9f-4396-8d5f-8c081fb06d67) [Patch]
- https://git.kernel.org/stable/c/830de6eeb9db4cb7e758201fb99328ef4ca4b032 (416baaa9-dc9f-4396-8d5f-8c081fb06d67) [Patch]
- https://git.kernel.org/stable/c/84ff995ae826aa6bbcc6c7b9ea569ff67c021d72 (416baaa9-dc9f-4396-8d5f-8c081fb06d67) [Patch]