VYPR
Medium severity5.5NVD Advisory· Published May 1, 2026· Updated May 11, 2026

CVE-2026-31781

CVE-2026-31781

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/ioc32: stop speculation on the drm_compat_ioctl path

The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up by calling array_index_nospec() on the index to the function pointer list.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • Linux/Kernel8 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=3.16.63,<3.17
    • cpe:2.3:o:linux:linux_kernel:4.20:-:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.