7.8

CVE-2026-31693

cifs: some missing initializations on replay

In the Linux kernel, the following vulnerability has been resolved:

cifs: some missing initializations on replay

In several places in the code, we have a label to signify
the start of the code where a request can be replayed if
necessary. However, some of these places were missing the
necessary reinitializations of certain local variables
before replay.

This change makes sure that these variables get initialized
after the label.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.6.32 < 6.6.128
LinuxLinux Kernel Version >= 6.8.1 < 6.12.75
LinuxLinux Kernel Version >= 6.13 < 6.18.16
LinuxLinux Kernel Version >= 6.19 < 6.19.6
LinuxLinux Kernel Version6.8 Update-
LinuxLinux Kernel Version6.8 Updaterc2
LinuxLinux Kernel Version6.8 Updaterc3
LinuxLinux Kernel Version6.8 Updaterc4
LinuxLinux Kernel Version6.8 Updaterc5
LinuxLinux Kernel Version6.8 Updaterc6
LinuxLinux Kernel Version6.8 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.028
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

https://git.kernel.org/stable/c/14f66f44646333d2bfd7ece36585874fd72f8286
Patch
https://git.kernel.org/stable/c/1d731e512134495e0ef490ade0e4d91dc0d515ec
Patch
https://git.kernel.org/stable/c/7c9ce68192eef14c777cb6ce17155d2eb2431aea
Patch
https://git.kernel.org/stable/c/c854ab481ece4b3e5f4c2e8b22824f015ff874a5
Patch
https://git.kernel.org/stable/c/c99e160938b627f6f28edee930e8abc157e84386
Patch