CVE-2026-31442

7.8 HIGH
Published: April 22, 2026 Modified: May 07, 2026
View on NVD

Description

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible invalid memory access after FLR In the case that the first Function Level Reset (FLR) concludes correctly, but in the second FLR the scratch area for the saved configuration cannot be allocated, it's possible for a invalid memory access to happen. Always set the deallocated scratch area to NULL after FLR completes.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://git.kernel.org/stable/c/504c0e6751001ac46917c73e703f2b1b92cfc026
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/867d0c801f21370d561420fa32f2ea1a7dc3a22d
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/d6077df7b75d26e4edf98983836c05d00ebabd8d
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch

3 reference(s) from NVD

Quick Stats

CVSS v3 Score
7.8 / 10.0
EPSS (Exploit Probability)
0.1%
3th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

Affected Vendors

linux