CVE-2026-31554

EUVD-2026-25447

24.04.2026, 15:16

In the Linux kernel, the following vulnerability has been resolved:

futex: Require sys_futex_requeue() to have identical flags

Nicholas reported that his LLM found it was possible to create a UaF
when sys_futex_requeue() is used with different flags. The initial
motivation for allowing different flags was the variable sized futex,
but since that hasn't been merged (yet), simply mandate the flags are
identical, as is the case for the old style sys_futex() requeue
operations.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.8 HIGH	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 1%

Affected Products (NVD)

Vendor	Product	Version
linux	linux_kernel	6.7.1 ≤ 𝑥 < 6.12.80
linux	linux_kernel	6.13 ≤ 𝑥 < 6.18.21
linux	linux_kernel	6.19 ≤ 𝑥 < 6.19.11
linux	linux_kernel	6.7
linux	linux_kernel	7.0:rc1
linux	linux_kernel	7.0:rc2
linux	linux_kernel	7.0:rc3
linux	linux_kernel	7.0:rc4
linux	linux_kernel	7.0:rc5
linux	linux_kernel	7.0:rc6
linux	linux_kernel	7.0:rc7

𝑥

= Vulnerable software versions

Amazon Linux Releases

Amazon Package

Release

bpftool6.12

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

bpftool6.12-debuginfo

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

bpftool6.18

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

bpftool6.18-debuginfo

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel-livepatch-6.12.80-105.147

Amazon Linux 2023

1:1.0-0.amzn2023

fixed

kernel-livepatch-6.18.25-52.107

Amazon Linux 2023

1:1.0-0.amzn2023

fixed

kernel6.12

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.12-debuginfo

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.12-debuginfo-common-aarch64

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.12-debuginfo-common-x86_64

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.12-devel

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.12-headers

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.12-libbpf

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.12-libbpf-debuginfo

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.12-libbpf-devel

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.12-libbpf-static

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.12-modules-extra

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.12-modules-extra-common

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.12-tools

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.12-tools-debuginfo

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.12-tools-devel

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

kernel6.18

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-debuginfo

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-debuginfo-common-aarch64

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-debuginfo-common-x86_64

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-devel

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-headers

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-modules-extra

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-modules-extra-common

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-tools

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-tools-debuginfo

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-tools-devel

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

perf6.12

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

perf6.12-debuginfo

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

perf6.18

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

perf6.18-debuginfo

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

python3-perf6.12

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

python3-perf6.12-debuginfo

Amazon Linux 2023

1:6.12.80-105.147.amzn2023

fixed

python3-perf6.18

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

python3-perf6.18-debuginfo

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

Common Weakness Enumeration

CWE-416 - Use After Free
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

Vulnerability Media Exposure

[GERMAN] Linux Kernel: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen, welche zu einem Denial-of-Service-Zustand, einer Rechteausweitung, der Ausführung von Code oder einer Speicherbeschädigung führen könnten.
Published: 2026-04-26T22:00:00+00:00

References

https://git.kernel.org/stable/c/027145ace09fad4c7cbcd6c61fe9b429c63eb0e5

https://git.kernel.org/stable/c/18b7d09c2b794c71d4252f3ea2cf84ad12b73d6a

https://git.kernel.org/stable/c/19f94b39058681dec64a10ebeb6f23fe7fc3f77a

https://git.kernel.org/stable/c/e2f78c7ec1655fedd945366151ba54fcb9580508