CVE-2026-31442
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: idxd: Fix possible invalid memory access after FLR
In the case that the first Function Level Reset (FLR) concludes correctly, but in the second FLR the scratch area for the saved configuration cannot be allocated, it's possible for a invalid memory access to happen.
Always set the deallocated scratch area to NULL after FLR completes.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 98d187a989036096feaa2fef1ec3b2240ecdeacf < 504c0e6751001ac46917c73e703f2b1b92cfc026 | affected |
| Linux | Linux | 98d187a989036096feaa2fef1ec3b2240ecdeacf < 867d0c801f21370d561420fa32f2ea1a7dc3a22d | affected |
| Linux | Linux | 98d187a989036096feaa2fef1ec3b2240ecdeacf < d6077df7b75d26e4edf98983836c05d00ebabd8d | affected |
| Linux | Linux | 6.14 | affected |
| Linux | Linux | 0 < 6.14 | unaffected |
| Linux | Linux | 6.18.21 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.11 <= 6.19.* | unaffected |
| Linux | Linux | 7.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/504c0e6751001ac46917c73e703f2b1b92cfc026
- https://git.kernel.org/stable/c/867d0c801f21370d561420fa32f2ea1a7dc3a22d
- https://git.kernel.org/stable/c/d6077df7b75d26e4edf98983836c05d00ebabd8d
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.