CVE-2026-31573

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A kernel panic can occur when probing the driver as a module. This is caused by the misuse of the initconst annotation on the imx8mq vpu shared resources array, which leads to the data being freed after module initialization. Subsequent access to this data during the probe process results in a page fault. This issue can manifest during probe deferrals or unbind-bind cycles.

Recommendations Remove the initconst annotation from the imx8mq vpu shared resources array to ensure it remains in the normal .rodata section.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-31573

Affected Products

Linux Kernel

CVE-2026-31573

Related Identifiers

Affected Products

References · 10