CVE-2026-31477 ksmbd: fix memory leaks and NULL deref in smb2_lock()

🗓️ 22 Apr 2026 13:54:05Reported by LinuxType

Ksmbd fixes memory leaks and null dereference in smb2_lock error paths.

Reporter	Title	Published	Views	Family All 34
AstraLinux	Astra Linux – Vulnerability in Linux 5.10	3 May 202623:59	–	astralinux
Circl	CVE-2026-31477	5 May 202620:00	–	circl
CNNVD	Linux kernel 安全漏洞	22 Apr 202600:00	–	cnnvd
CVE	CVE-2026-31477	22 Apr 202613:54	–	cve
Debian	[SECURITY] [DLA 4561-1] linux-6.1 security update	2 May 202608:40	–	debian
Debian	[SECURITY] [DSA 6238-1] linux security update	30 Apr 202620:05	–	debian
Debian	[SECURITY] [DSA 6243-1] linux security update	1 May 202619:10	–	debian
Debian CVE	CVE-2026-31477	22 Apr 202613:54	–	debiancve
Tenable Nessus	Debian dla-4561 : linux-config-6.1 - security update	2 May 202600:00	–	nessus
Tenable Nessus	Debian dsa-6238 : ata-modules-6.12.74+deb13+1-armmp-di - security update	30 Apr 202600:00	–	nessus

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/server/smb2pdu.c"
    ],
    "versions": [
      {
        "version": "e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9",
        "lessThan": "cdac6f7e7e428dc70e3b5898ac6999a72ed13993",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9",
        "lessThan": "c9b95ef6f5039f19e46c3a521a4fe1752d91dfe9",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9",
        "lessThan": "91aeaa7256006d79a37298f5a1df23325db91599",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9",
        "lessThan": "3cdacd11b41569ce75b3162142240f2355e04900",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9",
        "lessThan": "aab42f0795620cf0d3955a520f571f697d0f9a2a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9",
        "lessThan": "309b44ed684496ed3f9c5715d10b899338623512",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/server/smb2pdu.c"
    ],
    "versions": [
      {
        "version": "5.15",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.15",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.168",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.131",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.80",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18.21",
        "lessThanOrEqual": "6.18.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.19.11",
        "lessThanOrEqual": "6.19.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.0",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/3cdacd11b41569ce75b3162142240f2355e04900
git	www.git.kernel.org/stable/c/cdac6f7e7e428dc70e3b5898ac6999a72ed13993
git	www.git.kernel.org/stable/c/91aeaa7256006d79a37298f5a1df23325db91599
git	www.git.kernel.org/stable/c/309b44ed684496ed3f9c5715d10b899338623512
git	www.git.kernel.org/stable/c/c9b95ef6f5039f19e46c3a521a4fe1752d91dfe9
git	www.git.kernel.org/stable/c/aab42f0795620cf0d3955a520f571f697d0f9a2a

11 May 2026 22:09Current

CVSS 3.17.5

EPSS0.00479