CVE Catalog

CVE-2026-31441

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

A memory leak vulnerability was found in the Linux kernel's idxd driver during workqueue reset. The issue occurs because the workqueue type is set to NONE before its resources are released.

Risk Assessment

Memory leak can gradually exhaust system memory, potentially causing system crashes or performance degradation in extreme cases.

Recommendation

Immediately update the Linux kernel to a version containing the fix (commit: 1c4b1e5c9a8f). Monitor your distribution for the availability of the patch.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix memory leak when a wq is reset idxd_wq_disable_cleanup() which is called from the reset path for a workqueue, sets the wq type to NONE, which for other parts of the driver mean that the wq is empty (all its resources were released). Only set the wq type to NONE after its resources are released.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS