CVE-2026-31484

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An out-of-bounds read exists in the io uring show fdinfo() function. The issue occurs during the iteration over pending submission queue entries (SQEs) on an IORING SETUP SQE MIXED ring. When processing 128-byte SQEs, the wrap check fails to correctly detect when the second half of an entry exceeds the boundaries of the sq sqes array because the sq head variable is not incremented on every iteration. This allows the array index sq idx to reach the last slot while the check still passes, leading to an out-of-bounds read.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.