CVE-2026-31402Incorrect Calculation of Buffer Size in Linux

CWE-131Incorrect Calculation of Buffer Size7 documents7 sources
Severity
7.0HIGH
No vector
EPSS
0.0%
top 85.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedApr 3

Description

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer (rp_ibuf[NFSD4_REPLAY_ISIZE]) to store encoded operation responses. This size was calculated based on OPEN responses and does not account for LOCK denied responses, which include the conflicting lock owner as a variable-length field up to 1024 bytes (NFS4_OPAQUE_LIMIT). When a LOCK operation is denied due to a con

Affected Packages3 packages

Debianlinux/linux_kernel< 6.19.10-1
CVEListV5linux/linux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2c9452c0797c95cf2378170df96cf4f4b3bca7eff+6
debiandebian/linux< linux 6.19.10-1 (forky)

🔴Vulnerability Details

2
GHSA
GHSA-7xf5-3qmr-j4c6: In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv42026-04-03
OSV
CVE-2026-31402: In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv42026-04-03

📋Vendor Advisories

2
Red Hat
kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache2026-04-03
Debian
CVE-2026-31402: linux - In the Linux kernel, the following vulnerability has been resolved: nfsd: fix h...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-31402 Impact, Exploitability, and Mitigation Steps | Wiz

💬Community

1
Bugzilla
CVE-2026-31402 kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache2026-04-03