Description

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix read abandonment during retry Under certain circumstances, all the remaining subrequests from a read request will get abandoned during retry. The abandonment process expects the 'subreq' variable to be set to the place to start abandonment from, but it doesn't always have a useful value (it will be uninitialised on the first pass through the loop and it may point to a deleted subrequest on later passes). Fix the first jump to "abandon:" to set subreq to the start of the first subrequest expected to need retry (which, in this abandonment case, turned out unexpectedly to no longer have NEED_RETRY set). Also clear the subreq pointer after discarding superfluous retryable subrequests to cause an oops if we do try to access it.

INFO

Published Date :

2026-04-22T13:53:35.032Z

Last Modified :

2026-04-22T13:53:35.032Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-31435 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-31435.

URL Resource
https://git.kernel.org/stable/c/3e5fd8f53b575ff2188f82071da19c977ca56c41 cve-icon cve-icon
https://git.kernel.org/stable/c/7e57523490cd2efb52b1ea97f2e0a74c0fb634cd cve-icon cve-icon
https://git.kernel.org/stable/c/8f2f2bd128a8d9edbc1e785760da54ada3df69b7 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026042242-CVE-2026-31435-f0f5@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-31435 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-31435 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact