CVE-2026-31478

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the ksmbd module where the smb2 calc max out buf len() function used a hardcoded magic number for the hdr2 len argument instead of the correct offset of the Buffer field in the response structure. This occurred after response buffer management was transitioned to use a dynamic iov array.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.