{"id":"CVE-2026-31609","summary":"smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush()\n\nsmbd_send_batch_flush() already calls smbd_free_send_io(),\nso we should not call it again after smbd_post_send()\nmoved it to the batch list.","modified":"2026-05-18T05:59:52.240626041Z","published":"2026-04-24T14:42:30.797Z","related":["CGA-mwq7-hh94-fjqp","openSUSE-SU-2026:10703-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31609.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/22b7c1c619d808aec4cad3dc42103345e370d107"},{"type":"WEB","url":"https://git.kernel.org/stable/c/27b7c3e916218b5eb2ee350211140e961bfc49be"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a9940dcbe5cb92482c04efc7341039ddf7dbf607"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f9a162c2bbcd0ac85bd07c5b37cf20286048b65c"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31609.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31609"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"cca0526ef2344cab6944d7f441fc24e152da031b"},{"fixed":"a9940dcbe5cb92482c04efc7341039ddf7dbf607"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"37b5c06956183b65e6808b509cf637632016cdf7"},{"fixed":"22b7c1c619d808aec4cad3dc42103345e370d107"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"21538121efe6c8c5b51c742fa02cbe820bc48714"},{"fixed":"f9a162c2bbcd0ac85bd07c5b37cf20286048b65c"},{"fixed":"27b7c3e916218b5eb2ee350211140e961bfc49be"}]}],"versions":["v6.18.23","v6.18.22","v6.18.21","v6.18.20","v6.18.19","v6.18.18","v6.18.17","v6.18.16","v6.18.15","v6.18.14","v6.18.13","v6.18.12","v6.18.11","v6.19.13","v6.19.12","v6.19.11","v6.19.10","v6.19.9","v6.19.8","v6.19.7","v6.19.6","v6.19.5","v6.19.4","v6.19.3","v6.19.2","v6.19.1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31609.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.18.24"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.19.14"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.20.0"},{"fixed":"7.0.1"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31609.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}