{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31560", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.116Z", "datePublished": "2026-04-24T14:35:42.634Z", "dateUpdated": "2026-05-11T22:11:08.845Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:11:08.845Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-dw-dma: fix print error log when wait finish transaction\n\nIf an error occurs, the device may not have a current message. In this\ncase, the system will crash.\n\nIn this case, it's better to use dev from the struct ctlr (struct spi_controller*)."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/spi/spi-dw-dma.c"], "versions": [{"version": "bdbdf0f06337d3661b64c0288c291cb06624065e", "lessThan": "184f5aaf72f1f1c73e66bae0b8d28e81c2f2a72f", "status": "affected", "versionType": "git"}, {"version": "bdbdf0f06337d3661b64c0288c291cb06624065e", "lessThan": "3b46d61890632c8f8b117147b6923bff4b42ccb7", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/spi/spi-dw-dma.c"], "versions": [{"version": "5.8", "status": "affected"}, {"version": "0", "lessThan": "5.8", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.11", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.8", "versionEndExcluding": "6.19.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.8", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/184f5aaf72f1f1c73e66bae0b8d28e81c2f2a72f"}, {"url": "https://git.kernel.org/stable/c/3b46d61890632c8f8b117147b6923bff4b42ccb7"}], "title": "spi: spi-dw-dma: fix print error log when wait finish transaction", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE5C168D-744C-4BAC-8555-6A27E3391430", "versionEndExcluding": "6.19.11", "versionStartIncluding": "5.8.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.8:-:*:*:*:*:*:*", "matchCriteriaId": "0E2DC66F-4A95-475F-B8B6-191DEC1E7EF6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "F253B622-8837-4245-BCE5-A7BF8FC76A16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "F666C8D8-6538-46D4-B318-87610DE64C34", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "02259FDA-961B-47BC-AE7F-93D7EC6E90C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "58A9FEFF-C040-420D-8F0A-BFDAAA1DF258", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*", "matchCriteriaId": "1D2315C0-D46F-4F85-9754-F9E5E11374A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*", "matchCriteriaId": "512EE3A8-A590-4501-9A94-5D4B268D6138", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-dw-dma: fix print error log when wait finish transaction\n\nIf an error occurs, the device may not have a current message. In this\ncase, the system will crash.\n\nIn this case, it's better to use dev from the struct ctlr (struct spi_controller*)."}], "id": "CVE-2026-31560", "lastModified": "2026-04-27T20:30:03.137", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-24T15:16:30.403", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/184f5aaf72f1f1c73e66bae0b8d28e81c2f2a72f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3b46d61890632c8f8b117147b6923bff4b42ccb7"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: spi: spi-dw-dma: fix print error log when wait finish transaction", "id": "2461499", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461499"}, "csaw": false, "cwe": "CWE-476", "details": ["A flaw was found in the Linux kernel's spi-dw-dma component. When the system attempts to complete a Serial Peripheral Interface (SPI) transaction, an error in handling a missing device message can lead to a system crash. This vulnerability could result in a Denial of Service (DoS)."], "name": "CVE-2026-31560", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-31560\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-31560\nhttps://lore.kernel.org/linux-cve-announce/2026042458-CVE-2026-31560-9e2c@gregkh/T"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[bdbdf0f06337d3661b64c0288c291cb06624065e,184f5aaf72f1f1c73e66bae0b8d28e81c2f2a72f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[bdbdf0f06337d3661b64c0288c291cb06624065e,3b46d61890632c8f8b117147b6923bff4b42ccb7)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "5.8"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,5.8)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.11,6.20.0]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-28T14:13:55.480643+00:00", "value": {"mitigation_remediation": ["Upgrade the Linux kernel to a version that incorporates the fix for the spi-dw-dma driver, such as Linux kernel 5.8.x with patch applied or any kernel 7.0 alpha/beta/rc release that includes the commit that corrects the error\u2011log path.", "If an immediate kernel upgrade is not possible, disable the spi-dw-dma driver or remove the hardware device from the system to prevent the error condition from occurring.", "Verify that any custom or vendor\u2011supplied kernel builds include the upstream patch before deploying them to production environments."], "summary": {"action": "Apply patch", "impact": "Denial of Service (kernel crash)"}, "threat_synthesis": {"affected_systems": "The flaw exists in the Linux kernel for version 5.8 and all release candidates of version 7.0 (rc1 through rc7) as well as any general kernel builds that include the spi-dw-dma driver without the patch. Administrators using these kernel versions should check whether the spi-dw-dma subsystem is active on the system.", "description_and_impact": "A null pointer dereference can occur in the SPI DMA driver when an error is generated and the device has no current message. The kernel attempts to log the error incorrectly, resulting in an unexpected crash that may bring the entire system down. This flaw is identified as CWE-476 and NVD-CWE-noinfo and would allow an attacker who can trigger such a driver error to cause a denial\u2011of\u2011service condition. The vulnerability is not tied to a remote payload; it requires local or privileged code to exercise the driver error path.", "risk_and_exploitability": "The CVSS score of 5.5 indicates moderate severity, while the EPSS score of less than 1% shows that the exploitation probability is low at present. Because the issue leads to a kernel crash, it is considered a local or privileged threat: an attacker must be able to provoke the driver error on the affected machine. The vulnerability is not listed in the CISA KEV catalog, suggesting that no widespread, actively exploited variants are known."}}}}, "created": "2026-04-27T19:15:11.613430+00:00", "updated": "2026-04-28T14:15:34.930804+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}