PT-2026-30175 · Linux · Linux Kernel
Published: 2026-04-03 · Updated: 2026-04-25
CVE-2026-31392
CVSS v3.1: 8.1 (High)
Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A flaw exists in the Linux kernel's SMB client related to Kerberos (krb5) mounting with the username option. The issue occurs when attempting to mount shares with different usernames using Kerberos authentication. The client incorrectly reuses an existing SMB session from a previous mount, even when a different username is specified, leading to authentication failures. Specifically, the client attempts to use credentials from the first mount for subsequent mounts, even if the username in the mount option has changed. This can result in errors like -ENOKEY when the specified principal is not found in the keytab file.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Related Identifiers
Affected Products
Linux Kernel