CVE-2026-31436
EUVD-2026-2476022.04.2026, 14:16
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() At the end of this function, d is the traversal cursor of flist, but the code completes found instead. This can lead to issues such as NULL pointer dereferences, double completion, or descriptor leaks. Fix this by completing d instead of found in the final list_for_each_entry_safe() loop.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 6.8 ≤ 𝑥 < 6.12.80 |
| linux | linux_kernel | 6.13 ≤ 𝑥 < 6.18.21 |
| linux | linux_kernel | 6.19 ≤ 𝑥 < 6.19.11 |
| linux | linux_kernel | 7.0:rc1 |
| linux | linux_kernel | 7.0:rc2 |
| linux | linux_kernel | 7.0:rc3 |
| linux | linux_kernel | 7.0:rc4 |
| linux | linux_kernel | 7.0:rc5 |
| linux | linux_kernel | 7.0:rc6 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||
|---|---|---|---|---|---|
| cluster-md-kmp-default |
| ||||
| dlm-kmp-default |
| ||||
| gfs2-kmp-default |
| ||||
| kernel-64kb |
| ||||
| kernel-default |
| ||||
| kernel-default-base |
| ||||
| kernel-docs |
| ||||
| kernel-macros |
| ||||
| kernel-obs-build |
| ||||
| kernel-source |
| ||||
| kernel-syms |
| ||||
| kernel-zfcpdump |
| ||||
| ocfs2-kmp-default |
| ||||
| reiserfs-kmp-default |
|
Common Weakness Enumeration
Vulnerability Media Exposure