CVE-2026-31768

high

Description

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() Add a DMA-safe buffer and use it for spi_read() instead of a stack memory. All SPI buffers must be DMA-safe. Since we only need up to 3 bytes, we just use a u8[] instead of __be16 and __be32 and change the conversion functions appropriately.

References

https://git.kernel.org/stable/c/fa64aab25aba47296aa8d12bb4c88ec3fecb2054

https://git.kernel.org/stable/c/d2d031b0786ea66ab0577c9d2d71435068d32199

https://git.kernel.org/stable/c/b3bb8faeca1a2ef7be95ee8a512b639f9ffce947

https://git.kernel.org/stable/c/768461517a28d80fe81ea4d5d03a90cd184ea6ad

https://git.kernel.org/stable/c/67b3a91bdc48220bfb67155ab528121b9c822782

https://git.kernel.org/stable/c/014c6d27878d3883f7bb065610768fd021de1a96

Details

Source: Mitre, NVD

Published: 2026-05-01

Updated: 2026-05-01

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 8.4

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00024