CVE-2026-31627

HIGH

i2c: s3c24xx: check the size of the SMBUS message before using it

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: i2c: s3c24xx: check the size of the SMBUS message before using it The first byte of an i2c SMBUS message is the size, and it should be verified to ensure that it is in the range of 0..I2C_SMBUS_BLOCK_MAX before processing it. This is the same logic that was added in commit a6e04f05ce0b ("i2c: tegra: check msg length in SMBUS block read") to the i2c tegra driver.

Scores

CVSS v3 7.8
EPSS 0.0013
EPSS Percentile 3.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (35)
linux/Kernel 3.10.0 - 5.10.258linux
linux/Kernel 5.11.0 - 5.15.209linux
linux/Kernel 5.16.0 - 6.1.175linux
linux/Kernel 6.13.0 - 6.18.24linux
linux/Kernel 6.19.0 - 6.19.14linux
linux/Kernel 6.2.0 - 6.6.136linux
linux/Kernel 6.20.0 - 7.0.1linux
linux/Kernel 6.7.0 - 6.12.83linux
Linux/Linux < 3.10
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 377fae22a137b6b89f3f32399a58c52cf2325416
... and 25 more
Published Apr 24, 2026
Tracked Since Apr 24, 2026