CVE-2026-31490

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/pf: Fix use-after-free in migration restore

When an error is returned from xe_sriov_pf_migration_restore_produce(), the data pointer is not set to NULL, which can trigger use-after-free in subsequent .write() calls. Set the pointer to NULL upon error to fix the problem.

(cherry picked from commit 4f53d8c6d23527d734fe3531d08e15cb170a0819)

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1ed30397c0b92b97381dbd11362fdbbf93e046d2 < e28552b4ddea5cb4725380dd08237831af835124affected
LinuxLinux1ed30397c0b92b97381dbd11362fdbbf93e046d2 < 87997b6c6516e049cbaf2fc6810b213d587a06b1affected
LinuxLinux6.19affected
LinuxLinux0 < 6.19unaffected
LinuxLinux6.19.11 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References