VYPR
Medium severity5.5NVD Advisory· Published Apr 24, 2026· Updated Apr 28, 2026

CVE-2026-31537

CVE-2026-31537

Description

In the Linux kernel, the following vulnerability has been resolved:

smb: server: make use of smbdirect_socket.send_io.bcredits

It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate (empty) send.

In order to fix this we'll have a single 'batch' credit per connection. And code getting that credit is free to use as much messages until remaining_length reaches 0, then the batch credit it given back and the next logical send can happen.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
    Range: >=5.15,<6.18.11

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.

CVE-2026-31537 · Medium · VYPR