CVE-2026-31520

The caller of report_fixup() does not take ownership of the returned pointer, but it is permitted to return a sub-portion of the input rdesc, whose lifetime is managed by the caller.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31520.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

6e143293e17a73c9313f91c5ca3aaacbaef030cf

Fixed

e2f090aeb7b9930a964e151910f4d45b04c8a7e5

Fixed

2635d0c715f3fb177e0f80ecd5fa48feb6bf3884

Fixed

31860c3f7ac66ab897a8c90dc4e74fa17ca0b624

Fixed

be1a341c161430282acdfe2ac99b413271575cf1

Fixed

e652ebd29928181c3e6820e303da25873e9917d4

Fixed

239c15116d80f67d32f00acc34575f1a6b699613

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31520.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.17.0

Fixed

6.1.168

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.131

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.80

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.18.21

Type: ECOSYSTEM
Events: Introduced

6.19.0

Fixed

6.19.11

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31520.json"