CVE-2026-31647

CVE-2026-31647 concerns the Linux kernel idpf driver. The vulnerability stems from improper nesting of PREEMPT_RT raw/BH spinlocks during asynchronous VC handling, which could yield an invalid wait context. A fix switches from the completion’s raw spinlock to a local lock in the idpf_vc_xn struct...

CVE-2026-31647

In the Linux kernel, the following vulnerability has been resolved: idpf: fix PREEMPTRT raw/bh spinlock nesting for async VC handling Switch from using the completion's raw spinlock to a local lock in the idpfvcxn struct. The conversion is safe because complete/all are called outside the lock and...

CVE-2026-31536

The vulnerability CVE-2026-31536 affects the Linux kernel SMB direct server implementation. In smb: server: let send_done handle a completion without IB_SEND_SIGNALED, during smbdirect_send_batch processing requests may be processed without IB_SEND_SIGNALED and could be destroyed in the final req...

CVE-2026-31536 smb: server: let send_done handle a completion without IB_SEND_SIGNALED

In the Linux kernel, the following vulnerability has been resolved: smb: server: let senddone handle a completion without IBSENDSIGNALED With smbdirectsendbatch processing we likely have requests without IBSENDSIGNALED, which will be destroyed in the final request that has IBSENDSIGNALED set. If...

EUVD-2026-25429

In the Linux kernel, the following vulnerability has been resolved: smb: server: let senddone handle a completion without IBSENDSIGNALED With smbdirectsendbatch processing we likely have requests without IBSENDSIGNALED, which will be destroyed in the final request that has IBSENDSIGNALED set. If...

CVE-2026-31536

In the Linux kernel, the following vulnerability has been resolved: smb: server: let senddone handle a completion without IBSENDSIGNALED With smbdirectsendbatch processing we likely have requests without IBSENDSIGNALED, which will be destroyed in the final request that has IBSENDSIGNALED set. If...

CVE-2026-31534

CVE-2026-31534 affects the Linux kernel SMB client logic. In smbdirect_send_batch processing, requests may exist without the IB_SEND_SIGNALED flag and could be destroyed by the final request that carries IB_SEND_SIGNALED. If the connection is broken, all outstanding requests are signaled even wit...

CVE-2026-31534

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-31534

...

Linux Distros Unpatched Vulnerability : CVE-2026-31534

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: smb: client: let senddone handle a completion without IBSENDSIGNALED With smbdirectsendbatch...

PT-2026-34886

In the Linux kernel, the following vulnerability has been resolved: smb: client: let send done handle a completion without IB SEND SIGNALED With smbdirect send batch processing we likely have requests without IB SEND SIGNALED, which will be destroyed in the final request that has IB SEND SIGNALED...

PT-2026-34999

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the idpf driver regarding PREEMPT RT raw/bh spinlock nesting during asynchronous VC handling. The problem occurs because the async handler takes a BH spinlock while...

CLSA-2026-1776959688 busybox: Fix of 4 CVEs

CVE-2018-1000517: fix heap buffer overflow in wget chunked decoding - CVE-2017-16544: reject terminal control sequences in shell tab completion - CVE-2018-20679: reject zero-length DHCP options and validate 4-byte option lengths - CVE-2019-5747: validate DHCPSUBNET option length before decoding...

SUSE CVE-2026-31436

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in llistabortdesc At the end of this function, d is the traversal cursor of flist, but the code completes found instead. This can lead to issues such as NULL pointer...

SUSE CVE-2026-31467

In the Linux kernel, the following vulnerability has been resolved: erofs: add GFPNOIO in the bio completion if needed The bio completion path in the process context e.g. dm-verity will directly call into decompression rather than trigger another workqueue context for minimal scheduling latencies...

SUSE CVE-2026-31492

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Initialize freeqp completion before using it In irdmacreateqp, if ibcopytoudata fails, it will call irdmadestroyqp to clean up which will attempt to wait on the freeqp completion, which is not initialized yet. Fix thi...

SUSE CVE-2026-31493

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix use of completion ctx after free On admin queue completion handling, if the admin command completed with error we print data from the completion context. The issue is that we already freed the completion context in...

SUSE CVE-2026-31511

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmtaddadvpatternsmonitorcomplete This fixes the condition checking so mgmtpendingvalid is executed whenever status != -ECANCELED otherwise calling mgmtpendingfreecmd would kfreecmd withou...

CVE-2026-31493

A flaw was found in the Linux kernel's RDMA/efa component. When an admin command completes with an error during admin queue completion handling, the system attempts to print data from a completion context that has already been freed. This use-after-free vulnerability can lead to the disclosure of...

CVE-2026-31436

A flaw was found in the Linux kernel's dmaengine subsystem, specifically within the idxd driver. This vulnerability occurs due to incorrect descriptor completion in the llistabortdesc function. This can lead to issues such as NULL pointer dereferences, double completion, or descriptor leaks, whic...