Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-31436

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() At the end of this function, d is the traversal cursor of flist, but the code completes found instead. This can lead to issues such as NULL pointer dereferences, double completion, or descriptor leaks. Fix this by completing d instead of found in the final list_for_each_entry_safe() loop.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 36.7%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2026-31436


Contact Us

Shodan ® - All rights reserved