DEBIAN-CVE-2026-31708
- Source
- https://security-tracker.debian.org/tracker/CVE-2026-31708
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2026-31708.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2026-31708
- Upstream
- Published
- 2026-05-01T14:16:20.837Z
- Modified
- 2026-05-09T23:00:10.874099Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB read in smb2ioctlqueryinfo QUERYINFO path smb2ioctlqueryinfo() has two response-copy branches: PASSTHRUFSCTL and the default QUERYINFO path. The QUERYINFO branch clamps qi.inputbufferlength to the server-reported OutputBufferLength and then copies qi.inputbufferlength bytes from qirsp->Buffer to userspace, but it never verifies that the flexible-array payload actually fits within rspiov[1].iovlen. A malicious server can return OutputBufferLength larger than the actual QUERYINFO response, causing copytouser() to walk past the response buffer and expose adjacent kernel heap to userspace. Guard the QUERYINFO copy with a bounds check on the actual Buffer payload. Use structsize(qirsp, Buffer, qi.inputbuffer_length) rather than an open-coded addition so the guard cannot overflow on 32-bit builds.
- References
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1
5.10.113-1
5.10.120-1~bpo10+1
5.10.120-1
5.10.127-1
5.10.127-2~bpo10+1
5.10.127-2
5.10.136-1
5.10.140-1
5.10.148-1
5.10.149-1
5.10.149-2
5.10.158-1
5.10.158-2
5.10.162-1
5.10.178-1
5.10.178-2
5.10.178-3
5.10.179-1
5.10.179-2
5.10.179-3
5.10.179-4
5.10.179-5
5.10.191-1
5.10.197-1
5.10.205-1
5.10.205-2
5.10.209-1
5.10.209-2
5.10.216-1
5.10.218-1
5.10.221-1
5.10.223-1
5.10.226-1
5.10.234-1
5.10.237-1
5.10.244-1
5.10.247-1
5.10.249-1
5.10.251-1
5.10.251-3
5.10.251-4
5.13.9-1~exp1
5.13.9-1~exp2
5.13.12-1~exp1
5.14-1~exp1
5.14-1~exp2
5.14.1-1~exp1
5.14.2-1~exp1
5.14.3-1~exp1
5.14.6-1
5.14.6-2
5.14.6-3
5.14.9-1
5.14.9-2~bpo11+1
5.14.9-2
5.14.12-1
5.14.16-1
5.15-1~exp1
5.15.1-1~exp1
5.15.2-1~exp1
5.15.3-1
5.15.5-1
5.15.5-2~bpo11+1
5.15.5-2
5.15.15-1
5.15.15-2~bpo11+1
5.15.15-2
5.16~rc1-1~exp1
5.16~rc3-1~exp1
5.16~rc4-1~exp1
5.16~rc5-1~exp1
5.16~rc6-1~exp1
5.16~rc7-1~exp1
5.16~rc8-1~exp1
5.16.3-1~exp1
5.16.4-1~exp1
5.16.7-1
5.16.7-2
5.16.10-1
5.16.11-1~bpo11+1
5.16.11-1
5.16.12-1~bpo11+1
5.16.12-1
5.16.14-1
5.16.18-1
5.17~rc3-1~exp1
5.17~rc4-1~exp1
5.17~rc5-1~exp1
5.17~rc6-1~exp1
5.17~rc7-1~exp1
5.17~rc8-1~exp1
5.17.1-1~exp1
5.17.3-1
5.17.6-1
5.17.11-1
5.18-1~exp1
5.18.2-1~bpo11+1
5.18.2-1
5.18.5-1
5.18.14-1~bpo11+1
5.18.14-1
5.18.16-1~bpo11+1
5.18.16-1
5.19~rc4-1~exp1
5.19~rc6-1~exp1
5.19-1~exp1
5.19.6-1
5.19.11-1~bpo11+1
5.19.11-1
6.*
6.0~rc7-1~exp1
6.0-1~exp1
6.0.2-1
6.0.3-1~bpo11+1
6.0.3-1
6.0.5-1
6.0.6-1
6.0.6-2
6.0.7-1
6.0.8-1
6.0.10-1
6.0.10-2
6.0.12-1~bpo11+1
6.0.12-1
6.0.12-1+alpha
6.1~rc3-1~exp1
6.1~rc5-1~exp1
6.1~rc6-1~exp1
6.1~rc7-1~exp1
6.1~rc8-1~exp1
6.1.1-1~exp1
6.1.1-1~exp2
6.1.2-1~exp1
6.1.4-1
6.1.7-1
6.1.8-1
6.1.8-1+sh4
6.1.11-1
6.1.12-1~bpo11+1
6.1.12-1
6.1.15-1~bpo11+1
6.1.15-1
6.1.20-1~bpo11+1
6.1.20-1
6.1.20-2~bpo11+1
6.1.20-2
6.1.25-1
6.1.27-1~bpo11+1
6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4
6.1.52-1
6.1.55-1~bpo11+1
6.1.55-1
6.1.64-1
6.1.66-1
6.1.67-1
6.1.69-1~bpo11+1
6.1.69-1
6.1.76-1~bpo11+1
6.1.76-1
6.1.82-1
6.1.85-1
6.1.90-1~bpo11+1
6.1.90-1
6.1.94-1~bpo11+1
6.1.94-1
6.1.98-1
6.1.99-1
6.1.106-1
6.1.106-2
6.1.106-3
6.1.112-1
6.1.115-1
6.1.119-1
6.1.123-1
6.1.124-1
6.1.128-1
6.1.129-1
6.1.133-1
6.1.135-1
6.1.137-1
6.1.139-1
6.1.140-1
6.1.147-1
6.1.148-1
6.1.153-1
6.1.158-1
6.1.159-1
6.1.162-1
6.1.164-1
6.1.170-1
6.1.170-2
6.1.170-3
6.3.1-1~exp1
6.3.2-1~exp1
6.3.4-1~exp1
6.3.5-1~exp1
6.3.7-1~bpo12+1
6.3.7-1
6.3.11-1
6.4~rc6-1~exp1
6.4~rc7-1~exp1
6.4.1-1~exp1
6.4.4-1~bpo12+1
6.4.4-1
6.4.4-2
6.4.4-3~bpo12+1
6.4.4-3
6.4.11-1
6.4.13-1
6.5~rc4-1~exp1
6.5~rc6-1~exp1
6.5~rc7-1~exp1
6.5.1-1~exp1
6.5.3-1~bpo12+1
6.5.3-1
6.5.6-1
6.5.8-1
6.5.10-1~bpo12+1
6.5.10-1
6.5.13-1
6.6.3-1~exp1
6.6.4-1~exp1
6.6.7-1~exp1
6.6.8-1
6.6.9-1
6.6.11-1
6.6.13-1~bpo12+1
6.6.13-1
6.6.15-1
6.6.15-2
6.7-1~exp1
6.7.1-1~exp1
6.7.4-1~exp1
6.7.7-1
6.7.9-1
6.7.9-2
6.7.12-1~bpo12+1
6.7.12-1
6.8.9-1
6.8.11-1
6.8.12-1~bpo12+1
6.8.12-1
6.9.2-1~exp1
6.9.7-1~bpo12+1
6.9.7-1
6.9.8-1
6.9.9-1
6.9.10-1~bpo12+1
6.9.10-1
6.9.11-1
6.9.12-1
6.10-1~exp1
6.10.1-1~exp1
6.10.3-1
6.10.4-1
6.10.6-1~bpo12+1
6.10.6-1
6.10.7-1
6.10.9-1
6.10.11-1~bpo12+1
6.10.11-1
6.10.12-1
6.11~rc4-1~exp1
6.11~rc5-1~exp1
6.11-1~exp1
6.11.2-1
6.11.4-1
6.11.5-1~bpo12+1
6.11.5-1
6.11.6-1
6.11.7-1
6.11.9-1
6.11.10-1~bpo12+1
6.11.10-1
6.12~rc6-1~exp1
6.12.3-1
6.12.5-1
6.12.6-1
6.12.8-1
6.12.9-1~bpo12+1
6.12.9-1
6.12.9-1+alpha
6.12.10-1
6.12.11-1
6.12.11-1+alpha
6.12.11-1+alpha.1
6.12.12-1~bpo12+1
6.12.12-1
6.12.13-1
6.12.15-1
6.12.16-1
6.12.17-1
6.12.19-1
6.12.20-1
6.12.21-1
6.12.22-1~bpo12+1
6.12.22-1
6.12.25-1
6.12.27-1~bpo12+1
6.12.27-1
6.12.29-1
6.12.30-1~bpo12+1
6.12.30-1
6.12.31-1
6.12.32-1~bpo12+1
6.12.32-1
6.12.33-1~bpo12+1
6.12.33-1
6.12.35-1~bpo12+1
6.12.35-1
6.12.37-1
6.12.38-1~bpo12+1
6.12.38-1
6.12.41-1
6.12.43-1~bpo12+1
6.12.43-1
6.12.48-1
6.12.57-1~bpo12+1
6.12.57-1
6.12.63-1~bpo12+1
6.12.63-1
6.12.69-1~bpo12+1
6.12.69-1
6.12.73-1~bpo12+1
6.12.73-1
6.12.74-1
6.12.74-2~bpo12+1
6.12.74-2
6.12.85-1~bpo12+1
6.12.85-1
6.12.86-1~bpo12+1
6.12.86-1
6.13~rc6-1~exp1
6.13~rc7-1~exp1
6.13.2-1~exp1
6.13.3-1~exp1
6.13.4-1~exp1
6.13.5-1~exp1
6.13.6-1~exp1
6.13.7-1~exp1
6.13.8-1~exp1
6.13.9-1~exp1
6.13.10-1~exp1
6.13.11-1~exp1
6.14.3-1~exp1
6.14.5-1~exp1
6.14.6-1~exp1
6.15~rc7-1~exp1
6.15-1~exp1
6.15.1-1~exp1
6.15.2-1~exp1
6.15.3-1~exp1
6.15.4-1~exp1
6.15.5-1~exp1
6.15.6-1~exp1
6.16~rc7-1~exp1
6.16-1~exp1
6.16.1-1~exp1
6.16.3-1~bpo13+1
6.16.3-1
6.16.5-1
6.16.6-1
6.16.7-1
6.16.8-1
6.16.9-1
6.16.10-1
6.16.11-1
6.16.12-1~bpo13+1
6.16.12-1
6.16.12-2
6.17.2-1~exp1
6.17.5-1~exp1
6.17.6-1
6.17.7-1
6.17.7-2
6.17.8-1~bpo13+1
6.17.8-1
6.17.9-1
6.17.10-1
6.17.11-1
6.17.12-1
6.17.13-1~bpo13+1
6.17.13-1
6.18~rc4-1~exp1
6.18~rc4-1~exp2
6.18~rc5-1~exp1
6.18~rc6-1~exp1
6.18~rc7-1~exp1
6.18.1-1~exp1
6.18.2-1~exp1
6.18.3-1
6.18.5-1~bpo13+1
6.18.5-1
6.18.8-1
6.18.9-1~bpo13+1
6.18.9-1
6.18.10-1
6.18.12-1~bpo13+1
6.18.12-1
6.18.13-1
6.18.14-1
6.18.15-1~bpo13+1
6.18.15-1
6.19~rc4-1~exp1
6.19~rc5-1~exp1
6.19~rc6-1~exp1
6.19~rc7-1~exp1
6.19~rc8-1~exp1
6.19-1~exp1
6.19.2-1~exp1
6.19.3-1~exp1
6.19.4-1~exp1
6.19.5-1~exp1
6.19.6-1
6.19.6-2~bpo13+1
6.19.6-2
6.19.8-1~bpo13+1
6.19.8-1
6.19.10-1~bpo13+1
6.19.10-1
6.19.11-1~bpo13+1
6.19.11-1
6.19.12-1
6.19.13-1~bpo13+1
6.19.13-1
6.19.14-1~bpo13+1
6.19.14-1
7.*
7.0-1~exp1
7.0.1-1~exp1
7.0.3-1
7.0.4-1~bpo13+1
7.0.4-1
7.1~rc2-1~exp1
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
6.*
6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4
6.1.52-1
6.1.55-1~bpo11+1
6.1.55-1
6.1.64-1
6.1.66-1
6.1.67-1
6.1.69-1~bpo11+1
6.1.69-1
6.1.76-1~bpo11+1
6.1.76-1
6.1.82-1
6.1.85-1
6.1.90-1~bpo11+1
6.1.90-1
6.1.94-1~bpo11+1
6.1.94-1
6.1.98-1
6.1.99-1
6.1.106-1
6.1.106-2
6.1.106-3
6.1.112-1
6.1.115-1
6.1.119-1
6.1.123-1
6.1.124-1
6.1.128-1
6.1.129-1
6.1.133-1
6.1.135-1
6.1.137-1
6.1.139-1
6.1.140-1
6.1.147-1
6.1.148-1
6.1.153-1
6.1.158-1
6.1.159-1
6.1.162-1
6.1.164-1
6.1.170-1
6.1.170-2
6.1.170-3
6.3.1-1~exp1
6.3.2-1~exp1
6.3.4-1~exp1
6.3.5-1~exp1
6.3.7-1~bpo12+1
6.3.7-1
6.3.11-1
6.4~rc6-1~exp1
6.4~rc7-1~exp1
6.4.1-1~exp1
6.4.4-1~bpo12+1
6.4.4-1
6.4.4-2
6.4.4-3~bpo12+1
6.4.4-3
6.4.11-1
6.4.13-1
6.5~rc4-1~exp1
6.5~rc6-1~exp1
6.5~rc7-1~exp1
6.5.1-1~exp1
6.5.3-1~bpo12+1
6.5.3-1
6.5.6-1
6.5.8-1
6.5.10-1~bpo12+1
6.5.10-1
6.5.13-1
6.6.3-1~exp1
6.6.4-1~exp1
6.6.7-1~exp1
6.6.8-1
6.6.9-1
6.6.11-1
6.6.13-1~bpo12+1
6.6.13-1
6.6.15-1
6.6.15-2
6.7-1~exp1
6.7.1-1~exp1
6.7.4-1~exp1
6.7.7-1
6.7.9-1
6.7.9-2
6.7.12-1~bpo12+1
6.7.12-1
6.8.9-1
6.8.11-1
6.8.12-1~bpo12+1
6.8.12-1
6.9.2-1~exp1
6.9.7-1~bpo12+1
6.9.7-1
6.9.8-1
6.9.9-1
6.9.10-1~bpo12+1
6.9.10-1
6.9.11-1
6.9.12-1
6.10-1~exp1
6.10.1-1~exp1
6.10.3-1
6.10.4-1
6.10.6-1~bpo12+1
6.10.6-1
6.10.7-1
6.10.9-1
6.10.11-1~bpo12+1
6.10.11-1
6.10.12-1
6.11~rc4-1~exp1
6.11~rc5-1~exp1
6.11-1~exp1
6.11.2-1
6.11.4-1
6.11.5-1~bpo12+1
6.11.5-1
6.11.6-1
6.11.7-1
6.11.9-1
6.11.10-1~bpo12+1
6.11.10-1
6.12~rc6-1~exp1
6.12.3-1
6.12.5-1
6.12.6-1
6.12.8-1
6.12.9-1~bpo12+1
6.12.9-1
6.12.9-1+alpha
6.12.10-1
6.12.11-1
6.12.11-1+alpha
6.12.11-1+alpha.1
6.12.12-1~bpo12+1
6.12.12-1
6.12.13-1
6.12.15-1
6.12.16-1
6.12.17-1
6.12.19-1
6.12.20-1
6.12.21-1
6.12.22-1~bpo12+1
6.12.22-1
6.12.25-1
6.12.27-1~bpo12+1
6.12.27-1
6.12.29-1
6.12.30-1~bpo12+1
6.12.30-1
6.12.31-1
6.12.32-1~bpo12+1
6.12.32-1
6.12.33-1~bpo12+1
6.12.33-1
6.12.35-1~bpo12+1
6.12.35-1
6.12.37-1
6.12.38-1~bpo12+1
6.12.38-1
6.12.41-1
6.12.43-1~bpo12+1
6.12.43-1
6.12.48-1
6.12.57-1~bpo12+1
6.12.57-1
6.12.63-1~bpo12+1
6.12.63-1
6.12.69-1~bpo12+1
6.12.69-1
6.12.73-1~bpo12+1
6.12.73-1
6.12.74-1
6.12.74-2~bpo12+1
6.12.74-2
6.12.85-1~bpo12+1
6.12.85-1
6.12.86-1~bpo12+1
6.12.86-1
6.13~rc6-1~exp1
6.13~rc7-1~exp1
6.13.2-1~exp1
6.13.3-1~exp1
6.13.4-1~exp1
6.13.5-1~exp1
6.13.6-1~exp1
6.13.7-1~exp1
6.13.8-1~exp1
6.13.9-1~exp1
6.13.10-1~exp1
6.13.11-1~exp1
6.14.3-1~exp1
6.14.5-1~exp1
6.14.6-1~exp1
6.15~rc7-1~exp1
6.15-1~exp1
6.15.1-1~exp1
6.15.2-1~exp1
6.15.3-1~exp1
6.15.4-1~exp1
6.15.5-1~exp1
6.15.6-1~exp1
6.16~rc7-1~exp1
6.16-1~exp1
6.16.1-1~exp1
6.16.3-1~bpo13+1
6.16.3-1
6.16.5-1
6.16.6-1
6.16.7-1
6.16.8-1
6.16.9-1
6.16.10-1
6.16.11-1
6.16.12-1~bpo13+1
6.16.12-1
6.16.12-2
6.17.2-1~exp1
6.17.5-1~exp1
6.17.6-1
6.17.7-1
6.17.7-2
6.17.8-1~bpo13+1
6.17.8-1
6.17.9-1
6.17.10-1
6.17.11-1
6.17.12-1
6.17.13-1~bpo13+1
6.17.13-1
6.18~rc4-1~exp1
6.18~rc4-1~exp2
6.18~rc5-1~exp1
6.18~rc6-1~exp1
6.18~rc7-1~exp1
6.18.1-1~exp1
6.18.2-1~exp1
6.18.3-1
6.18.5-1~bpo13+1
6.18.5-1
6.18.8-1
6.18.9-1~bpo13+1
6.18.9-1
6.18.10-1
6.18.12-1~bpo13+1
6.18.12-1
6.18.13-1
6.18.14-1
6.18.15-1~bpo13+1
6.18.15-1
6.19~rc4-1~exp1
6.19~rc5-1~exp1
6.19~rc6-1~exp1
6.19~rc7-1~exp1
6.19~rc8-1~exp1
6.19-1~exp1
6.19.2-1~exp1
6.19.3-1~exp1
6.19.4-1~exp1
6.19.5-1~exp1
6.19.6-1
6.19.6-2~bpo13+1
6.19.6-2
6.19.8-1~bpo13+1
6.19.8-1
6.19.10-1~bpo13+1
6.19.10-1
6.19.11-1~bpo13+1
6.19.11-1
6.19.12-1
6.19.13-1~bpo13+1
6.19.13-1
6.19.14-1~bpo13+1
6.19.14-1
7.*
7.0-1~exp1
7.0.1-1~exp1
7.0.3-1
7.0.4-1~bpo13+1
7.0.4-1
7.1~rc2-1~exp1
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.12.85-1
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.0.3-1
Affected versions
6.*
6.12.38-1
6.12.41-1
6.12.43-1~bpo12+1
6.12.43-1
6.12.48-1
6.12.57-1~bpo12+1
6.12.57-1
6.12.63-1~bpo12+1
6.12.63-1
6.12.69-1~bpo12+1
6.12.69-1
6.12.73-1~bpo12+1
6.12.73-1
6.12.74-1
6.12.74-2~bpo12+1
6.12.74-2
6.12.85-1~bpo12+1
6.12.85-1
6.12.86-1~bpo12+1
6.12.86-1
6.13~rc6-1~exp1
6.13~rc7-1~exp1
6.13.2-1~exp1
6.13.3-1~exp1
6.13.4-1~exp1
6.13.5-1~exp1
6.13.6-1~exp1
6.13.7-1~exp1
6.13.8-1~exp1
6.13.9-1~exp1
6.13.10-1~exp1
6.13.11-1~exp1
6.14.3-1~exp1
6.14.5-1~exp1
6.14.6-1~exp1
6.15~rc7-1~exp1
6.15-1~exp1
6.15.1-1~exp1
6.15.2-1~exp1
6.15.3-1~exp1
6.15.4-1~exp1
6.15.5-1~exp1
6.15.6-1~exp1
6.16~rc7-1~exp1
6.16-1~exp1
6.16.1-1~exp1
6.16.3-1~bpo13+1
6.16.3-1
6.16.5-1
6.16.6-1
6.16.7-1
6.16.8-1
6.16.9-1
6.16.10-1
6.16.11-1
6.16.12-1~bpo13+1
6.16.12-1
6.16.12-2
6.17.2-1~exp1
6.17.5-1~exp1
6.17.6-1
6.17.7-1
6.17.7-2
6.17.8-1~bpo13+1
6.17.8-1
6.17.9-1
6.17.10-1
6.17.11-1
6.17.12-1
6.17.13-1~bpo13+1
6.17.13-1
6.18~rc4-1~exp1
6.18~rc4-1~exp2
6.18~rc5-1~exp1
6.18~rc6-1~exp1
6.18~rc7-1~exp1
6.18.1-1~exp1
6.18.2-1~exp1
6.18.3-1
6.18.5-1~bpo13+1
6.18.5-1
6.18.8-1
6.18.9-1~bpo13+1
6.18.9-1
6.18.10-1
6.18.12-1~bpo13+1
6.18.12-1
6.18.13-1
6.18.14-1
6.18.15-1~bpo13+1
6.18.15-1
6.19~rc4-1~exp1
6.19~rc5-1~exp1
6.19~rc6-1~exp1
6.19~rc7-1~exp1
6.19~rc8-1~exp1
6.19-1~exp1
6.19.2-1~exp1
6.19.3-1~exp1
6.19.4-1~exp1
6.19.5-1~exp1
6.19.6-1
6.19.6-2~bpo13+1
6.19.6-2
6.19.8-1~bpo13+1
6.19.8-1
6.19.10-1~bpo13+1
6.19.10-1
6.19.11-1~bpo13+1
6.19.11-1
6.19.12-1
6.19.13-1~bpo13+1
6.19.13-1
6.19.14-1~bpo13+1
6.19.14-1
7.*
7.0-1~exp1
7.0.1-1~exp1