Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2026-31529— cxl/region: Fix leakage in __construct_region()

EPSS 0.01% · P3
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-31529

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
cxl/region: Fix leakage in __construct_region()
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix leakage in __construct_region() Failing the first sysfs_update_group() needs to explicitly kfree the resource as it is too early for cxl_region_iomem_release() to do so.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于__construct_region函数中sysfs_update_group失败时资源泄漏。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux d6602e25819dea2c239972e98e09ba5db4aebd22 ~ f1b4741adf08b0063291ec1b0dfa9c3d55644933 -
LinuxLinux 6.19 -

II. Public POCs for CVE-2026-31529

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-31529

登录查看更多情报信息。

Same Patch Batch · Linux · 2026-04-22 · 100 CVEs total

CVE-2026-314639.8 CRITICALiomap: fix invalid folio access when i_blkbits differs from I/O granularity
CVE-2026-314369.8 CRITICALdmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc()
CVE-2026-314449.8 CRITICALksmbd: fix use-after-free and NULL deref in smb_grant_oplock()
CVE-2026-315019.8 CRITICALnet: ti: icssg-prueth: fix use-after-free of CPPI descriptor in RX path
CVE-2026-314789.8 CRITICALksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len()
CVE-2026-314489.4 CRITICALext4: avoid infinite loops caused by residual data
CVE-2026-314328.8 HIGHksmbd: fix OOB write in QUERY_INFO for compound requests
CVE-2026-314338.8 HIGHksmbd: fix potencial OOB in get_file_all_info() for compound requests
CVE-2026-314358.8 HIGHnetfs: Fix read abandonment during retry
CVE-2026-314508.8 HIGHext4: publish jinode after initialization
CVE-2026-314768.2 HIGHksmbd: do not expire session on binding failure
CVE-2026-315138.1 HIGHBluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap_ecred_conn_req
CVE-2026-314648.1 HIGHscsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done()
CVE-2026-314907.8 HIGHdrm/xe/pf: Fix use-after-free in migration restore
CVE-2026-315287.8 HIGHperf: Make sure to use pmu_ctx->pmu for groups
CVE-2026-314737.8 HIGHmedia: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex
CVE-2026-314797.8 HIGHdrm/xe: always keep track of remap prev/next
CVE-2026-314757.8 HIGHASoC: sma1307: fix double free of devm_kzalloc() memory
CVE-2026-314747.8 HIGHcan: isotp: fix tx.buf use-after-free in isotp_sendmsg()
CVE-2026-314947.8 HIGHnet: macb: use the current queue number for stats

Showing top 20 of 100 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2026-31529

No comments yet

Leave a comment