Improper access control in Linux kernel - CVE-2026-31717
Published: May 2, 2026 / Updated: May 15, 2026
Vulnerability identifier: #VU128984
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2026-31717
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote user to hijack an orphaned durable handle.
The vulnerability exists due to improper access control in durable handle reconnect validation in ksmbd when processing SMB2 durable handle reconnect requests. A remote user can predict or brute-force the persistent ID and reconnect to the orphaned handle to hijack an orphaned durable handle.
The issue occurs because the reconnecting user's security context is not verified against the original opener's identity.
How to mitigate CVE-2026-31717
Install security update from vendor's repository.