CVE-2026-31444 ksmbd: fix use-after-free and NULL deref in smb_grant_oplock()

🗓️ 22 Apr 2026 13:53:41Reported by LinuxType

ksmbd fixes use-after-free and NULL deref in smb_grant_oplock by reordering publication and preallocating lease table.

Reporter	Title	Published	Views	Family All 20
AstraLinux	Astra Linux - уязвимость в linux-5.10	20 May 202605:53	–	astralinux
CBLMariner	CVE-2026-31444 affecting package kernel for versions less than 6.6.134.1-2	3 May 202620:52	–	cbl_mariner
CNNVD	Linux kernel 安全漏洞	22 Apr 202600:00	–	cnnvd
CVE	CVE-2026-31444	22 Apr 202613:53	–	cve
Debian CVE	CVE-2026-31444	22 Apr 202613:53	–	debiancve
EUVD	EUVD-2026-24776	22 Apr 202615:31	–	euvd
Mageia	Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerabilities	4 May 202616:05	–	mageia
Mageia	Updated kernel-linus packages fix security vulnerabilities	7 May 202605:06	–	mageia
Microsoft CVE	ksmbd: fix use-after-free and NULL deref in smb_grant_oplock()	23 Apr 202608:08	–	mscve
NVD	CVE-2026-31444	22 Apr 202614:16	–	nvd

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/server/oplock.c"
    ],
    "versions": [
      {
        "version": "302fef75512b2c8329a3f5efab1ae7ba2562387a",
        "lessThan": "9e785f004cbc56390479b77375726ea9b0d1a8a6",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "08aa9f3c8cf4d0bee44df540dfe34e8d64069f2c",
        "lessThan": "7de55bba69cbf0f9280daaea385daf08bc076121",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1d6abf145615dbfe267ce3b0a271f95e3780e18e",
        "lessThan": "a5c6f6d6ceefed2d5210ee420fb75f8362461f46",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "ce8507ee82c888126d8e7565e27c016308d24cde",
        "lessThan": "6d7e5a918c1d0aad06db0e17677b66fc9a471021",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1dfd062caa165ec9d7ee0823087930f3ab8a6294",
        "lessThan": "48623ec358c1c600fa1e38368746f933e0f1a617",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/server/oplock.c"
    ],
    "versions": [
      {
        "version": "6.6.130",
        "lessThan": "6.6.131",
        "status": "affected",
        "versionType": "semver"
      },
      {
        "version": "6.12.78",
        "lessThan": "6.12.80",
        "status": "affected",
        "versionType": "semver"
      },
      {
        "version": "6.18.19",
        "lessThan": "6.18.21",
        "status": "affected",
        "versionType": "semver"
      },
      {
        "version": "6.19.9",
        "lessThan": "6.19.11",
        "status": "affected",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/7de55bba69cbf0f9280daaea385daf08bc076121
git	www.git.kernel.org/stable/c/9e785f004cbc56390479b77375726ea9b0d1a8a6
git	www.git.kernel.org/stable/c/a5c6f6d6ceefed2d5210ee420fb75f8362461f46
git	www.git.kernel.org/stable/c/48623ec358c1c600fa1e38368746f933e0f1a617
git	www.git.kernel.org/stable/c/6d7e5a918c1d0aad06db0e17677b66fc9a471021

11 May 2026 22:08Current

CVSS 3.19.8

EPSS0.00066