CVE-2026-31595

MEDIUM

PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup Disable the delayed work before clearing BAR mappings and doorbells to avoid running the handler after resources have been torn down. Unable to handle kernel paging request at virtual address ffff800083f46004 [...] Internal error: Oops: 0000000096000007 [#1] SMP [...] Call trace: epf_ntb_cmd_handler+0x54/0x200 [pci_epf_vntb] (P) process_one_work+0x154/0x3b0 worker_thread+0x2c8/0x400 kthread+0x148/0x210 ret_from_fork+0x10/0x20

Scores

CVSS v3 5.5
EPSS 0.0012
EPSS Percentile 2.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Status published
Products (30)
linux/Kernel 6.0.0 - 6.1.175linux
linux/Kernel 6.13.0 - 6.18.24linux
linux/Kernel 6.19.0 - 6.19.14linux
linux/Kernel 6.2.0 - 6.6.136linux
linux/Kernel 6.20.0 - 7.0.1linux
linux/Kernel 6.7.0 - 6.12.83linux
Linux/Linux < 6.0
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 5999067140c67530a6cb6f41a8471596e60452cb
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 6773cc24c004930903a57761132c1e7728907f8f
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 9921cce25bfe4021f6e55ca995351eb967165297
... and 20 more
Published Apr 24, 2026
Tracked Since Apr 24, 2026