CVE-2026-31530 cxl/port: Fix use after free of parent_port in cxl_detach_ep()

🗓️ 22 Apr 2026 13:54:42Reported by LinuxType

Fix use after free of parent_port in cxl_detach_ep by establishing that child ports hold a reference to their parent until cleanup.

Reporter	Title	Published	Views	Family All 17
AstraLinux	Astra Linux - уязвимость в linux-5.10	3 May 202623:59	–	astralinux
CNNVD	Linux kernel 安全漏洞	22 Apr 202600:00	–	cnnvd
CVE	CVE-2026-31530	22 Apr 202613:54	–	cve
Debian	[SECURITY] [DSA 6238-1] linux security update	30 Apr 202620:05	–	debian
Debian CVE	CVE-2026-31530	22 Apr 202613:54	–	debiancve
Tenable Nessus	Debian dsa-6238 : ata-modules-6.12.74+deb13+1-armmp-di - security update	30 Apr 202600:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2026-31530	22 Apr 202600:00	–	nessus
EUVD	EUVD-2026-24925	22 Apr 202615:31	–	euvd
NVD	CVE-2026-31530	22 Apr 202614:16	–	nvd
OSV	BELL-CVE-2026-31530	25 Apr 202606:10	–	osv

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/cxl/core/port.c"
    ],
    "versions": [
      {
        "version": "2345df54249c6fb7779e2a72b427ee79ed3eaad5",
        "lessThan": "d216a4bd138eb57cc4ae7c43b2f709e3482af7e2",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "2345df54249c6fb7779e2a72b427ee79ed3eaad5",
        "lessThan": "2c32141462045cf93d54a5146a0ba572b83533dd",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "2345df54249c6fb7779e2a72b427ee79ed3eaad5",
        "lessThan": "f7dc6f381a1e5f068333f1faa9265d6af1df4235",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "2345df54249c6fb7779e2a72b427ee79ed3eaad5",
        "lessThan": "19d2f0b97a131198efc2c4ca3eb7f980bba8c2b4",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/cxl/core/port.c"
    ],
    "versions": [
      {
        "version": "6.3",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.3",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.80",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18.21",
        "lessThanOrEqual": "6.18.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.19.11",
        "lessThanOrEqual": "6.19.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.0",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/19d2f0b97a131198efc2c4ca3eb7f980bba8c2b4
git	www.git.kernel.org/stable/c/d216a4bd138eb57cc4ae7c43b2f709e3482af7e2
git	www.git.kernel.org/stable/c/2c32141462045cf93d54a5146a0ba572b83533dd
git	www.git.kernel.org/stable/c/f7dc6f381a1e5f068333f1faa9265d6af1df4235

11 May 2026 22:10Current

EPSS0.00018