In the Linux kernel, the following vulnerability has been resolved: cifs: some missing initializations on replay In several places in the code, we have a label to signify the start of the code where a request can be replayed if necessary. However, some of these places were missing the necessary reinitializations of certain local variables before replay. This change makes sure that these variables get initialized after the label.

A flaw was found in the Linux kernel's Common Internet File System (cifs) component. This vulnerability occurs when certain local variables are not properly reinitialized during the replay of a request. This oversight can lead to unexpected system behavior or instability, potentially resulting in a denial of service (DoS).

Red Hat recognizes this upstream CIFS client fix for incomplete replay-path initialization. Incorrect replay bookkeeping can corrupt SMB session state and harm integrity or availability for mounted shares. Customers should install corrected kernels through their product errata. To mitigate this issue, prevent the cifs module from being loaded. See https://access.redhat.com/solutions/41278 for instructions. Red Hat Enterprise Linux 10 Fix deferred kernel Red Hat Enterprise Linux 6 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel-rt Red Hat Enterprise Linux 8 Fix deferred kernel Red Hat Enterprise Linux 8 Fix deferred kernel-rt Red Hat Enterprise Linux 9 Fix deferred kernel Red Hat Enterprise Linux 9 Fix deferred kernel-rt https://www.cve.org/CVERecord?id=CVE-2026-31693 https://nvd.nist.gov/vuln/detail/CVE-2026-31693 https://lore.kernel.org/linux-cve-announce/2026043004-CVE-2026-31693-f964@gregkh/T