CVE-2026-31781 — Vulnetix

CVE-2026-31781 PUBLISHED

Reported by Linux · Published May 1, 2026

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drm_compat_ioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up by calling array_index_nospec() on the index to the function pointer list.

Affected Products

Vendor	Product	Versions
Linux	Linux	505b5240329b922f21f91d5b5d1e535c805eca6d, 505b5240329b922f21f91d5b5d1e535c805eca6d, 505b5240329b922f21f91d5b5d1e535c805eca6d
Linux	Linux	4.20, 0, 5.10.253
linux	linux_kernel	4.20, 4.20, 4.20
Linux	Linux	5.15.203, 6.1.168, 6.6.134

Timeline

May 1, 2026 CVE Published
May 11, 2026 CVE Updated

References

Open in Interactive Console →