cifs: some missing initializations on replay_CVE-2026-31693

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

In the Linux kernel, the following vulnerability has been resolved:

cifs: some missing initializations on replay

In several places in the code, we have a label to signify
the start of the code where a request can be replayed if
necessary. However, some of these places were missing the
necessary reinitializations of certain local variables
before replay.

This change makes sure that these variables get initialized
after the label.

Basic Information

ID CVE-2026-31693

Source Linux

Published Apr 30, 2026 at 11:47

Modified May 3, 2026 at 05:45

Affected Product

Vendor Linux

Product Linux

Version 433042a91f9373241307725b52de573933ffedbf

Affected Versions Linux Linux 433042a91f9373241307725b52de573933ffedbf
Linux Linux 4f1fffa2376922f3d1d506e49c0fd445b023a28e
Linux Linux 4f1fffa2376922f3d1d506e49c0fd445b023a28e
Linux Linux 4f1fffa2376922f3d1d506e49c0fd445b023a28e
Linux Linux 4f1fffa2376922f3d1d506e49c0fd445b023a28e
Linux Linux 6.8

References

{
    "lastseen": "",
    "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: some missing initializations on replay\n\nIn several places in the code, we have a label to signify\nthe start of the code where a request can be replayed if\nnecessary. However, some of these places were missing the\nnecessary reinitializations of certain local variables\nbefore replay.\n\nThis change makes sure that these variables get initialized\nafter the label.",
    "published": "2026-04-30T11:47:01.230Z",
    "modified": "2026-05-03T05:45:18.654Z",
    "type": "cve",
    "title": "cifs: some missing initializations on replay",
    "source": "Linux",
    "references": "https://git.kernel.org/stable/c/c854ab481ece4b3e5f4c2e8b22824f015ff874a5\nhttps://git.kernel.org/stable/c/1d731e512134495e0ef490ade0e4d91dc0d515ec\nhttps://git.kernel.org/stable/c/7c9ce68192eef14c777cb6ce17155d2eb2431aea\nhttps://git.kernel.org/stable/c/c99e160938b627f6f28edee930e8abc157e84386\nhttps://git.kernel.org/stable/c/14f66f44646333d2bfd7ece36585874fd72f8286",
    "id": "CVE-2026-31693",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Linux Linux 433042a91f9373241307725b52de573933ffedbf\nLinux Linux 4f1fffa2376922f3d1d506e49c0fd445b023a28e\nLinux Linux 4f1fffa2376922f3d1d506e49c0fd445b023a28e\nLinux Linux 4f1fffa2376922f3d1d506e49c0fd445b023a28e\nLinux Linux 4f1fffa2376922f3d1d506e49c0fd445b023a28e\nLinux Linux 6.8",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Linux",
    "version": "433042a91f9373241307725b52de573933ffedbf",
    "vendor": "Linux",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply