CVE-2026-31507

🗓️ 22 Apr 2026 13:54:25Reported by LinuxType

CVE-2026-31507: Linux kernel net smc fixes double free of smc private data when tee duplicates splice buffers.

Reporter	Title	Published	Views	Family All 64
CBLMariner	CVE-2026-31507 affecting package kernel for versions less than 6.6.134.1-2	3 May 202620:52	–	cbl_mariner
Circl	CVE-2026-31507	5 May 202620:00	–	circl
CNNVD	Linux kernel 安全漏洞	22 Apr 202600:00	–	cnnvd
Cvelist	CVE-2026-31507 net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer	22 Apr 202613:54	–	cvelist
Debian	[SECURITY] [DLA 4561-1] linux-6.1 security update	2 May 202608:40	–	debian
Debian	[SECURITY] [DLA 4606-1] linux security update	29 May 202616:36	–	debian
Debian	[SECURITY] [DSA 6238-1] linux security update	30 Apr 202620:05	–	debian
Debian	[SECURITY] [DSA 6243-1] linux security update	1 May 202619:10	–	debian
Debian CVE	CVE-2026-31507	22 Apr 202613:54	–	debiancve
Tenable Nessus	Debian dla-4561 : linux-config-6.1 - security update	2 May 202600:00	–	nessus

NVD

Vulners

CNA

Node

linux linux_kernelRange4.18.1–5.10.253

linux linux_kernelRange5.11–5.15.203

linux linux_kernelRange5.16–6.1.168

linux linux_kernelRange6.2–6.6.131

linux linux_kernelRange6.7–6.12.80

linux linux_kernelRange6.13–6.18.21

linux linux_kernelRange6.19–6.19.11

linux linux_kernelMatch4.18-

linux linux_kernelMatch7.0rc1

linux linux_kernelMatch7.0rc2

linux linux_kernelMatch7.0rc3

linux linux_kernelMatch7.0rc4

linux linux_kernelMatch7.0rc5

linux linux_kernelMatch7.0rc6

linux linux_kernelMatch7.0rc7

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/smc/smc_rx.c"
    ],
    "versions": [
      {
        "version": "9014db202cb764b8e14c53e7bacc81f9a1a2ba7f",
        "lessThan": "7e8916f46c2f48607f907fd401590093753a6bc5",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "9014db202cb764b8e14c53e7bacc81f9a1a2ba7f",
        "lessThan": "ae5575e660410c8d2c5d38fb28a0f37aea945676",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "9014db202cb764b8e14c53e7bacc81f9a1a2ba7f",
        "lessThan": "98ba5cb274768146e25ffbfde47753652c1c20d3",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "9014db202cb764b8e14c53e7bacc81f9a1a2ba7f",
        "lessThan": "81acbd345d405994875d419d43b319fee0b9ad62",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "9014db202cb764b8e14c53e7bacc81f9a1a2ba7f",
        "lessThan": "7bcb974c771c863e8588cea0012ac204443a7126",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "9014db202cb764b8e14c53e7bacc81f9a1a2ba7f",
        "lessThan": "54c87a730157868543ebdfa0ecb21b4590ed23a5",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "9014db202cb764b8e14c53e7bacc81f9a1a2ba7f",
        "lessThan": "3cc76380fea749280c026f410af56a28aaac388a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "9014db202cb764b8e14c53e7bacc81f9a1a2ba7f",
        "lessThan": "24dd586bb4cbba1889a50abe74143817a095c1c9",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/smc/smc_rx.c"
    ],
    "versions": [
      {
        "version": "4.18",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "4.18",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.10.253",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.203",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.168",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.131",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.80",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18.21",
        "lessThanOrEqual": "6.18.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.19.11",
        "lessThanOrEqual": "6.19.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.0",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/7e8916f46c2f48607f907fd401590093753a6bc5
git	www.git.kernel.org/stable/c/3cc76380fea749280c026f410af56a28aaac388a
git	www.git.kernel.org/stable/c/24dd586bb4cbba1889a50abe74143817a095c1c9
git	www.git.kernel.org/stable/c/7bcb974c771c863e8588cea0012ac204443a7126
git	www.git.kernel.org/stable/c/81acbd345d405994875d419d43b319fee0b9ad62
git	www.git.kernel.org/stable/c/54c87a730157868543ebdfa0ecb21b4590ed23a5
git	www.git.kernel.org/stable/c/98ba5cb274768146e25ffbfde47753652c1c20d3
git	www.git.kernel.org/stable/c/ae5575e660410c8d2c5d38fb28a0f37aea945676

11 May 2026 22:10Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.17.8

EPSS0.00017

CWE-415