CVE-2026-31781

Published: May 1, 2026Modified: May 11, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drm_compat_ioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up by calling array_index_nospec() on the index to the function pointer list.

Affected (19)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

19 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 3.16.63 to 3.17
Linux Linux Kernel	From 4.14.91 to 4.15
Linux Linux Kernel	From 4.19.13 to 4.20
Linux Linux Kernel	From 4.20.1 to 5.10.253
Linux Linux Kernel	From 4.4.170 to 4.5
Linux Linux Kernel	From 4.9.148 to 4.10
Linux Linux Kernel	From 5.11 to 5.15.203
Linux Linux Kernel	From 5.16 to 6.1.168
Linux Linux Kernel	From 6.13 to 6.18.22
Linux Linux Kernel	From 6.19 to 6.19.12
Linux Linux Kernel	From 6.2 to 6.6.134
Linux Linux Kernel	From 6.7 to 6.12.81
Linux Linux Kernel	Version 4.20
Linux Linux Kernel	Version 7.0 rc1
Linux Linux Kernel	Version 7.0 rc2
Linux Linux Kernel	Version 7.0 rc3
Linux Linux Kernel	Version 7.0 rc4
Linux Linux Kernel	Version 7.0 rc5
Linux Linux Kernel	Version 7.0 rc6