Skip to main content

Linux Kernel CVE-2026-31462

| EUVDEUVD-2026-24803 MEDIUM
2026-04-22 416baaa9-dc9f-4396-8d5f-8c081fb06d67
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

7
Analysis Generated
May 07, 2026 - 21:00 vuln.today
CVSS changed
May 07, 2026 - 18:37 NVD
5.5 (MEDIUM)
Patch released
Apr 23, 2026 - 16:17 nvd
Patch available
Patch available
Apr 22, 2026 - 16:33 EUVD
EUVD ID Assigned
Apr 22, 2026 - 14:22 euvd
EUVD-2026-24803
CVE Published
Apr 22, 2026 - 14:16 nvd
N/A
CVE Published
Apr 22, 2026 - 14:16 nvd
MEDIUM 5.5

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: prevent immediate PASID reuse case

PASID resue could cause interrupt issue when process immediately runs into hw state left by previous process exited with the same PASID, it's possible that page faults are still pending in the IH ring buffer when the process exits and frees up its PASID. To prevent the case, it uses idr cyclic allocator same as kernel pid's.

(cherry picked from commit 8f1de51f49be692de137c8525106e0fce2d1912d)

AnalysisAI

AMD GPU driver in the Linux kernel fails to prevent rapid PASID (Process Address Space ID) reuse, allowing local authenticated attackers to trigger interrupt handling errors and denial of service. When a process exits with an assigned PASID, page faults may remain pending in the interrupt handler ring buffer; if a new process is immediately assigned the same PASID, it inherits these stale interrupts causing system instability. The vulnerability affects Linux kernel versions prior to 7.0 RC1 and requires local user access with standard privileges. EPSS score of 0.02% indicates minimal real-world exploitation likelihood despite moderate CVSS impact rating.

Technical ContextAI

The vulnerability exists in the AMD GPU (amdgpu) driver's PASID allocation mechanism within the Linux kernel's DRM (Direct Rendering Manager) subsystem. PASIDs are used by AMD GPUs to isolate memory address spaces for different processes; improper reuse allows stale page fault interrupts destined for a previous process to be delivered to a new process sharing the same PASID. The fix implements a cyclic allocator pattern (similar to the kernel's PID allocator) to prevent immediate reuse, ensuring sufficient time for the interrupt handler ring buffer (IH ring) to drain pending faults before a PASID is recycled. This affects all systems with AMD Radeon or RDNA-era GPUs running vulnerable kernel versions.

RemediationAI

Apply kernel patches immediately if running AMD GPU systems: upgrade to Linux 7.0 RC1 or later, or apply stable backports (6.19.11+, 6.18.21+, 6.12.80+) for older kernel branches. Kernel maintainers should backport commit 8f1de51f49be692de137c8525106e0fce2d1912d to all supported stable series. For systems unable to patch immediately, limit user process creation frequency through cgroups task limit controls or implement a brief delay between process termination and creation on systems with AMD discrete GPUs; both approaches reduce the window for PASID reuse race conditions but do not eliminate the root cause. Systems without AMD Radeon GPUs (integrated Intel/AMD iGPUs, NVIDIA discrete GPUs, or no GPU acceleration) are unaffected and do not require patching for this specific issue. Note that kernel upgrades carry general system stability risk; test patches in non-production environments first.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

CVE-2026-31462 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy