CVE-2026-31491

MEDIUM EPSS 2.2%
Published Apr 22, 20262mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Apr 22, 2026 2mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Harden depth calculation functions An issue was exposed where OS can pass in U32_MAX for SQ/RQ/SRQ size. This can cause integer overflow and truncation of SQ/RQ/SRQ depth returning a success when it should have failed. Harden the functions to do all depth calculations and boundary checking in u64 sizes.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-190 Integer Overflow or Wraparound Numeric Error

Affected Products 10

VendorProductVersionRange
linuxlinux_kernel*≥6.18.1  –  <6.18.21
linuxlinux_kernel*≥6.19  –  <6.19.11
linuxlinux_kernel6.18any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/3f08351de5ca4f2f724b86ad252fbc21289467e1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cbd852f5700eb3f64392452faf693ac45cae8281
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e37afcb56ae070477741fe2d6e61fc0c542cce2d
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/3f08351de5ca4f2f724b86ad252fbc21289467e1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cbd852f5700eb3f64392452faf693ac45cae8281
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e37afcb56ae070477741fe2d6e61fc0c542cce2d
    Patch