CVE-2026-31644

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free and memory leak issue exists in the lan966x fdma reload() function. When the function fails to allocate new RX buffers, the restore path restarts DMA using old descriptors whose pages were already freed via lan966x fdma rx free pages(). Because page pool put full page() can release pages back to the buddy allocator, the hardware may perform DMA into memory owned by other kernel subsystems. Additionally, if allocation partially succeeds, the newly created page pool is overwritten without being destroyed, resulting in a memory leak.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.