CVE-2026-31535

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A race condition exists in the SMB client logic used for managing receive credits. The process of counting posted recv io and granted credits is flawed because a peer may consume a credit before the hardware receives the incoming receive and the recv done() function processes the completion. This creates a window where credits are granted that do not actually exist.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.