CVE-2026-31441

medium

Description

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix memory leak when a wq is reset idxd_wq_disable_cleanup() which is called from the reset path for a workqueue, sets the wq type to NONE, which for other parts of the driver mean that the wq is empty (all its resources were released). Only set the wq type to NONE after its resources are released.

References

https://git.kernel.org/stable/c/d9cfb5193a047a92a4d3c0e91ea4cc87c8f7c478

https://git.kernel.org/stable/c/a9e7815d38629bcf59d3005001f1f315424a58de

https://git.kernel.org/stable/c/a16098a2f0c11ee5e04e23aa7478ca1fcfb0f658

https://git.kernel.org/stable/c/54d77cc0c40ca2f894859dc7b3c52997574f1a2a

https://git.kernel.org/stable/c/39c1504e0e76bcfb93991fd94288a83e05d13b51

https://git.kernel.org/stable/c/0c3d3ac57e3c52b570b8c695903306bff07e04c8

Details

Source: Mitre, NVD

Published: 2026-04-22

Updated: 2026-04-23

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00024