Primary

Context

Linux Kernel SMB Client Credit Management Vulnerability

Vulnerability

Patched

A vulnerability in the Linux kernel's SMB client has been addressed. The issue arose from a race condition in the management of received credits, which are used to control the flow of data. The problem occurred because a credit could be consumed by the peer before the receiving hardware had processed it, creating a window where credits were granted but not actually available. This vulnerability affected the Linux kernel stable tree, specifically versions 6.18.x. The flaw has been fixed by implementing a dedicated counter for available credits, which is updated when new receive buffers are posted and when credits are granted to the peer.

Impact

The vulnerability could lead to improper management of receive credits, potentially causing data flow issues in SMB communication.

Added: Apr 24, 2026, 8:34 PM

Updated: Apr 24, 2026, 8:34 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.0

remediation

7.7

relevance

6.6

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.0

remediation

7.7

relevance

6.6

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SMB Client Credit Management Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating