CVE-2026-31595

MEDIUM

PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup Disable the delayed work before clearing BAR mappings and doorbells to avoid running the handler after resources have been torn down. Unable to handle kernel paging request at virtual address ffff800083f46004 [...] Internal error: Oops: 0000000096000007 [#1] SMP [...] Call trace: epf_ntb_cmd_handler+0x54/0x200 [pci_epf_vntb] (P) process_one_work+0x154/0x3b0 worker_thread+0x2c8/0x400 kthread+0x148/0x210 ret_from_fork+0x10/0x20

References (6)

Core 6

Core References

https://git.kernel.org/stable/c/ceb73484e7204f661f770069ecdf35f6e941879c

https://git.kernel.org/stable/c/6773cc24c004930903a57761132c1e7728907f8f

https://git.kernel.org/stable/c/9921cce25bfe4021f6e55ca995351eb967165297

https://git.kernel.org/stable/c/5999067140c67530a6cb6f41a8471596e60452cb

https://git.kernel.org/stable/c/fbb6c353fa2fb5f5f990eda034a1074b0356127e

https://git.kernel.org/stable/c/d799984233a50abd2667a7d17a9a710a3f10ebe2

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 2.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Status published

Products (21)

Linux/Linux < 6.0

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 5999067140c67530a6cb6f41a8471596e60452cb

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 6773cc24c004930903a57761132c1e7728907f8f

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 9921cce25bfe4021f6e55ca995351eb967165297

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - fbb6c353fa2fb5f5f990eda034a1074b0356127e

Linux/Linux 5.15.153 - 5.16

Linux/Linux 6.0

Linux/Linux 6.12.83 - 6.12.*

Linux/Linux 6.18.24 - 6.18.*

Linux/Linux 6.19.14 - 6.19.*

... and 11 more

Published Apr 24, 2026

Tracked Since Apr 24, 2026