CVE-2026-31573

MEDIUM EPSS 1.4%
Published Apr 24, 20262mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Apr 24, 2026 2mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Fix kernel panic due to __initconst misuse Fix a kernel panic when probing the driver as a module: Unable to handle kernel paging request at virtual address ffffd9c18eb05000 of_find_matching_node_and_match+0x5c/0x1a0 hantro_probe+0x2f4/0x7d0 [hantro_vpu] The imx8mq_vpu_shared_resources array is referenced by variant structures through their shared_devices field. When built as a module, __initconst causes this data to be freed after module init, but it's later accessed during probe, causing a page fault. The imx8mq_vpu_shared_resources is referenced from non-init code, so keeping __initconst or __initconst_or_module here is wrong. Drop the __initconst annotation and let it live in the normal .rodata section. A bug of __initconst called from regular non-init probe code leading to bugs during probe deferrals or during unbind-bind cycles.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
1.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 1

VendorProductVersionRange
linuxlinux_kernel*≥6.19.6  –  <6.19.11

References 2

  • git.kernel.org https://git.kernel.org/stable/c/1e7e9119cf9b0d8585b27653b1a6dc31397c252e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e8d97c270cb46a2a88739019d0f8547adc7d97da
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1e7e9119cf9b0d8585b27653b1a6dc31397c252e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e8d97c270cb46a2a88739019d0f8547adc7d97da
    Patch