CVE-2026-31442

HIGH

dmaengine: idxd: Fix possible invalid memory access after FLR

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible invalid memory access after FLR In the case that the first Function Level Reset (FLR) concludes correctly, but in the second FLR the scratch area for the saved configuration cannot be allocated, it's possible for a invalid memory access to happen. Always set the deallocated scratch area to NULL after FLR completes.

References (3)

Core 3

Core References

https://git.kernel.org/stable/c/504c0e6751001ac46917c73e703f2b1b92cfc026

https://git.kernel.org/stable/c/867d0c801f21370d561420fa32f2ea1a7dc3a22d

https://git.kernel.org/stable/c/d6077df7b75d26e4edf98983836c05d00ebabd8d

Scores

CVSS v3 7.8

EPSS 0.0001

EPSS Percentile 3.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-125

Status published

Products (10)

Linux/Linux < 6.14

Linux/Linux 6.14

Linux/Linux 6.18.21 - 6.18.*

Linux/Linux 6.19.11 - 6.19.*

Linux/Linux 7.0

Linux/Linux 98d187a989036096feaa2fef1ec3b2240ecdeacf - 504c0e6751001ac46917c73e703f2b1b92cfc026

Linux/Linux 98d187a989036096feaa2fef1ec3b2240ecdeacf - 867d0c801f21370d561420fa32f2ea1a7dc3a22d

Linux/Linux 98d187a989036096feaa2fef1ec3b2240ecdeacf - d6077df7b75d26e4edf98983836c05d00ebabd8d

linux/linux_kernel 7.0 rc1 (5 CPE variants)

linux/linux_kernel 6.14 - 6.18.21

Published Apr 22, 2026

Tracked Since Apr 22, 2026