CVE-2026-31528

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An out-of-bound memory access can occur in the x86 pmu del() function when group sched in() fails and requires a rollback. This happens because the inherit function uses event->pmu to clone events, which can lead to the use of incorrect PMU transaction handlers when the group leader is a software event. Additionally, the perf event read() function was found to require the use of pmu ctx->pmu for group cases to ensure consistency.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.