CVE-2026-31476 ksmbd: do not expire session on binding failure

🗓️ 22 Apr 2026 13:54:04Reported by LinuxType

ksmbd no longer expires a session on binding failure, preventing denial of service from wrong password binding requests.

Reporter	Title	Published	Views	Family All 37
ATTACKERKB	CVE-2026-31476	22 Apr 202613:54	–	attackerkb
AstraLinux	Astra Linux – Vulnerability in Linux 5.10	3 May 202623:59	–	astralinux
CBLMariner	CVE-2026-31476 affecting package kernel for versions less than 6.6.134.1-2	3 May 202620:52	–	cbl_mariner
Circl	CVE-2026-31476	5 May 202620:00	–	circl
CNNVD	Linux kernel 安全漏洞	22 Apr 202600:00	–	cnnvd
CVE	CVE-2026-31476	22 Apr 202613:54	–	cve
Debian	[SECURITY] [DLA 4561-1] linux-6.1 security update	2 May 202608:40	–	debian
Debian	[SECURITY] [DSA 6238-1] linux security update	30 Apr 202620:05	–	debian
Debian	[SECURITY] [DSA 6243-1] linux security update	1 May 202619:10	–	debian
Debian CVE	CVE-2026-31476	22 Apr 202613:54	–	debiancve

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/server/smb2pdu.c"
    ],
    "versions": [
      {
        "version": "f5a544e3bab78142207e0242d22442db85ba1eff",
        "lessThan": "4642ea35c03cf3d3558c009df4757cdb7af3f82d",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "f5a544e3bab78142207e0242d22442db85ba1eff",
        "lessThan": "f5300690c23c5ac860499bb37dbc09cf43fd62e6",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "f5a544e3bab78142207e0242d22442db85ba1eff",
        "lessThan": "6fafc4c4238e538969f1375f9ecdc6587c53f1cc",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "f5a544e3bab78142207e0242d22442db85ba1eff",
        "lessThan": "1d1888b4a7aec518b707f6eca0bf08992c0e8da3",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "f5a544e3bab78142207e0242d22442db85ba1eff",
        "lessThan": "a897064a457056acb976e20e3007cdf553de340f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "f5a544e3bab78142207e0242d22442db85ba1eff",
        "lessThan": "e0e5edc81b241c70355217de7e120c97c3429deb",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "f5a544e3bab78142207e0242d22442db85ba1eff",
        "lessThan": "9bbb19d21ded7d78645506f20d8c44895e3d0fb9",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/server/smb2pdu.c"
    ],
    "versions": [
      {
        "version": "5.15",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.15",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.209",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.168",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.131",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.80",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18.21",
        "lessThanOrEqual": "6.18.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.19.11",
        "lessThanOrEqual": "6.19.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.0",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/f5300690c23c5ac860499bb37dbc09cf43fd62e6
git	www.git.kernel.org/stable/c/4642ea35c03cf3d3558c009df4757cdb7af3f82d
git	www.git.kernel.org/stable/c/a897064a457056acb976e20e3007cdf553de340f
git	www.git.kernel.org/stable/c/1d1888b4a7aec518b707f6eca0bf08992c0e8da3
git	www.git.kernel.org/stable/c/6fafc4c4238e538969f1375f9ecdc6587c53f1cc
git	www.git.kernel.org/stable/c/e0e5edc81b241c70355217de7e120c97c3429deb
git	www.git.kernel.org/stable/c/9bbb19d21ded7d78645506f20d8c44895e3d0fb9

01 Jun 2026 16:11Current

CVSS 3.18.2

EPSS0.00499