CVE-2026-31627

Source
https://cve.org/CVERecord?id=CVE-2026-31627
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31627.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-31627
Downstream
Related
Published
2026-04-24T14:42:48.342Z
Modified
2026-06-18T03:54:58.361373001Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
i2c: s3c24xx: check the size of the SMBUS message before using it
Details

In the Linux kernel, the following vulnerability has been resolved:

i2c: s3c24xx: check the size of the SMBUS message before using it

The first byte of an i2c SMBUS message is the size, and it should be verified to ensure that it is in the range of 0..I2CSMBUSBLOCK_MAX before processing it.

This is the same logic that was added in commit a6e04f05ce0b ("i2c: tegra: check msg length in SMBUS block read") to the i2c tegra driver.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31627.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
85747311ecb6167c989093c64a13807366fdd3a9
Fixed
fd1650da24ed54c716aa9b69e9bbd8a662e492da
Fixed
8f756a5964396da0fc9e0db33253a5b85dbbcbb6
Fixed
2d262da4bca6fab96e2e709feb95b31b0a9a03a7
Fixed
fa00738ab30b07db1a43b9c85fc56b8cc3b7d197
Fixed
d87d5620125a03b1eadbd5df39748215d3db7ddb
Fixed
377fae22a137b6b89f3f32399a58c52cf2325416
Fixed
71b3c316b22c555d2769126a92b1244b15a9750d
Fixed
aaaaec39ddbcd06770dca7f1adebc3b1242ebe7b
Fixed
c0128c7157d639a931353ea344fb44aad6d6e17a

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31627.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.10.0
Fixed
5.10.258
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.209
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.175
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.136
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.83
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.24
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.14
Type
ECOSYSTEM
Events
Introduced
6.20.0
Fixed
7.0.1

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31627.json"