{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31440", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.090Z", "datePublished": "2026-04-22T13:53:38.388Z", "dateUpdated": "2026-04-22T13:53:38.388Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-04-22T13:53:38.388Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Fix leaking event log memory\n\nDuring the device remove process, the device is reset, causing the\nconfiguration registers to go back to their default state, which is\nzero. As the driver is checking if the event log support was enabled\nbefore deallocating, it will fail if a reset happened before.\n\nDo not check if the support was enabled, the check for 'idxd->evl'\nbeing valid (only allocated if the HW capability is available) is\nenough."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/dma/idxd/device.c"], "versions": [{"version": "244da66cda359227d80ccb41dbcb99da40eae186", "lessThan": "d94f9b0ba28a205caf95902ee88b42bdb8af83d0", "status": "affected", "versionType": "git"}, {"version": "244da66cda359227d80ccb41dbcb99da40eae186", "lessThan": "facd0012708e942fc12890708738aebde497564e", "status": "affected", "versionType": "git"}, {"version": "244da66cda359227d80ccb41dbcb99da40eae186", "lessThan": "9dfa00967e6ef43a9dd0887fe5c3a721a39da92e", "status": "affected", "versionType": "git"}, {"version": "244da66cda359227d80ccb41dbcb99da40eae186", "lessThan": "ee66bc29578391c9b48523dc9119af67bd5c7c0f", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/dma/idxd/device.c"], "versions": [{"version": "6.4", "status": "affected"}, {"version": "0", "lessThan": "6.4", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.80", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.21", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.11", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "6.12.80"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "6.18.21"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "6.19.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/d94f9b0ba28a205caf95902ee88b42bdb8af83d0"}, {"url": "https://git.kernel.org/stable/c/facd0012708e942fc12890708738aebde497564e"}, {"url": "https://git.kernel.org/stable/c/9dfa00967e6ef43a9dd0887fe5c3a721a39da92e"}, {"url": "https://git.kernel.org/stable/c/ee66bc29578391c9b48523dc9119af67bd5c7c0f"}], "title": "dmaengine: idxd: Fix leaking event log memory", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Fix leaking event log memory\n\nDuring the device remove process, the device is reset, causing the\nconfiguration registers to go back to their default state, which is\nzero. As the driver is checking if the event log support was enabled\nbefore deallocating, it will fail if a reset happened before.\n\nDo not check if the support was enabled, the check for 'idxd->evl'\nbeing valid (only allocated if the HW capability is available) is\nenough."}], "id": "CVE-2026-31440", "lastModified": "2026-04-22T14:16:37.390", "metrics": {}, "published": "2026-04-22T14:16:37.390", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9dfa00967e6ef43a9dd0887fe5c3a721a39da92e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d94f9b0ba28a205caf95902ee88b42bdb8af83d0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ee66bc29578391c9b48523dc9119af67bd5c7c0f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/facd0012708e942fc12890708738aebde497564e"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{"bugzilla": {"description": "kernel: dmaengine: idxd: Fix leaking event log memory", "id": "2460622", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460622"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2026-31440", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-31440\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-31440\nhttps://lore.kernel.org/linux-cve-announce/2026042244-CVE-2026-31440-78bd@gregkh/T"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[244da66cda359227d80ccb41dbcb99da40eae186,d94f9b0ba28a205caf95902ee88b42bdb8af83d0)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[244da66cda359227d80ccb41dbcb99da40eae186,facd0012708e942fc12890708738aebde497564e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[244da66cda359227d80ccb41dbcb99da40eae186,9dfa00967e6ef43a9dd0887fe5c3a721a39da92e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[244da66cda359227d80ccb41dbcb99da40eae186,ee66bc29578391c9b48523dc9119af67bd5c7c0f)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,6.4)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.80,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.21,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.11,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-04-22T16:15:21.592042+00:00", "updated": "2026-04-22T16:15:21.592098+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}