Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2026-31782— perf/x86: Fix potential bad container_of in intel_pmu_hw_config

CVSS 7.8 · High EPSS 0.01% · P2
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-31782

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
perf/x86: Fix potential bad container_of in intel_pmu_hw_config
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix potential bad container_of in intel_pmu_hw_config Auto counter reload may have a group of events with software events present within it. The software event PMU isn't the x86_hybrid_pmu and a container_of operation in intel_pmu_set_acr_caused_constr (via the hybrid helper) could cause out of bound memory reads. Avoid this by guarding the call to intel_pmu_set_acr_caused_constr with an is_x86_event check.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux ec980e4facef8110f6fce27e5b6344660117f01f ~ e435a30ca6fe14c9611b1fc731c98a6d28410247 -
LinuxLinux 6.16 -

II. Public POCs for CVE-2026-31782

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-31782

Please Login to view more intelligence information

Same Patch Batch · Linux · 2026-05-01 · 146 CVEs total

CVE-2026-430379.8 CRITICALip6_tunnel: clear skb2->cb[] in ip4ip6_err()
CVE-2026-430119.8 CRITICALnet/x25: Fix potential double free of skb
CVE-2026-317059.8 CRITICALksmbd: fix out-of-bounds write in smb2_get_ea() EA alignment
CVE-2026-430389.8 CRITICALipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()
CVE-2026-430399.8 CRITICALnet: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch
CVE-2026-317189.8 CRITICALksmbd: fix use-after-free in __ksmbd_close_fd() via durable scavenger
CVE-2026-430188.8 HIGHBluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt
CVE-2026-317398.8 HIGHcrypto: tegra - Add missing CRYPTO_ALG_ASYNC
CVE-2026-317068.8 HIGHksmbd: validate num_aces and harden ACE walk in smb_inherit_dacl()
CVE-2026-317098.8 HIGHsmb: client: validate the whole DACL before rewriting it in cifsacl
CVE-2026-430488.8 HIGHHID: core: Mitigate potential OOB by removing bogus memset()
CVE-2026-317358.8 HIGHiommupt: Fix short gather if the unmap goes into a large mapping
CVE-2026-317738.8 HIGHBluetooth: SMP: derive legacy responder STK authentication from MITM state
CVE-2026-317178.8 HIGHksmbd: validate owner of durable handle on reconnect
CVE-2026-317128.3 HIGHksmbd: require minimum ACE size in smb_check_perm_dacl()
CVE-2026-317718.1 HIGHBluetooth: hci_event: move wake reason storage into validated event handlers
CVE-2026-430518.1 HIGHHID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq
CVE-2026-317088.1 HIGHsmb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path
CVE-2026-317798.1 HIGHwifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler()
CVE-2026-430197.8 HIGHBluetooth: hci_conn: fix potential UAF in set_cig_params_sync

Showing top 20 of 146 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2026-31782

No comments yet

Leave a comment