VYPR
← All advisories
Medium severity5.5NVD Advisory· Published Apr 22, 2026· Updated May 7, 2026

CVE-2026-31443

CVE-2026-31443

Description

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: Fix crash when the event log is disabled

If reporting errors to the event log is not supported by the hardware, and an error that causes Function Level Reset (FLR) is received, the driver will try to restore the event log even if it was not allocated.

Also, only try to free the event log if it was properly allocated.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In the Linux kernel's idxd driver, a crash occurs when hardware does not support event logging and an FLR error triggers an attempt to restore an unallocated event log.

Vulnerability

Description

CVE-2026-31443 is a bug in the Linux kernel's idxd DMA engine driver. The root cause is a missing check for whether the event log is supported by the hardware before attempting to restore it after a Function Level Reset (FLR). When the hardware does not support reporting errors to the event log, the driver still tries to restore the event log during error recovery, even though the log was never allocated [1][2].

Exploitation

Conditions

An attacker would need to trigger an error that causes an FLR on a system using the idxd driver with hardware that lacks event log support. No special privileges are required beyond the ability to induce such an error, which could potentially be achieved through malicious I/O or by exploiting other vulnerabilities that cause device errors. The attack surface is limited to systems with specific Intel DSA (Data Streaming Accelerator) hardware configurations.

Impact

If the bug is triggered, the driver attempts to dereference or operate on an uninitialized event log structure, leading to a kernel crash (NULL pointer dereference or similar). This results in a denial of service (DoS) on the affected system. The CVSS v3 score of 5.5 (Medium) reflects the local nature of the attack and the availability impact.

Mitigation

The fix, introduced in kernel commits [1][2][3], adds proper checks to ensure the event log is only restored or freed if it was previously allocated and supported by the hardware. Users should apply the latest stable kernel updates containing these patches. No workaround is available other than avoiding the vulnerable hardware configuration or disabling the idxd driver if not needed.

References
  1. Making sure you're not a bot!
  2. Making sure you're not a bot!
  3. Making sure you're not a bot!

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

7
  • Linux/Kernel6 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=6.14,<6.18.21
    • cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
  • Linux/idxdllm-create

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.