VDB

DEBIAN-CVE-2026-31440

DEBIAN-CVE-2026-31440 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix leaking event log memory During the device remove process, the device is reset, causing the configuration registers to go back to their default state, which is zero. As the driver is checking if the event log support was enabled before deallocating, it will fail if a reset happened before. Do not check if the support was enabled, the check for 'idxd->evl' being valid (only allocated if the HW capability is available) is enough.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:14linux6.12.43-1, 0, 6.12.41-1
Debian:13linux0, 6.12.38-1, 6.12.41-1

Timeline

  • Apr 22, 2026 CVE Published
  • May 8, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›