CVE-2026-31690
Awaiting Analysis Awaiting Analysis - Queue
Buffer Overflow in Linux TH1520 Firmware Driver Fixed

Publication date: 2026-04-27

Last updated on: 2026-05-06

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the 'mode' field through the 'resource' pointer with an offset. This was flagged by Smatch static checker as: "buffer overflow 'data' 2 <= 3" 2. Replace custom RPC_SET_BE* and RPC_GET_BE* macros with standard kernel endianness conversion macros (cpu_to_be16, etc.) for better portability and maintainability. The functionality was re-tested with the GPU power-up sequence, confirming the GPU powers up correctly and the driver probes successfully. [ 12.702370] powervr ffef400000.gpu: [drm] loaded firmware powervr/rogue_36.52.104.182_v1.fw [ 12.711043] powervr ffef400000.gpu: [drm] FW version v1.0 (build 6645434 OS) [ 12.719787] [drm] Initialized powervr 1.0.0 for ffef400000.gpu on minor 0
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-27
Last Modified
2026-05-06
Generated
2026-06-16
AI Q&A
2026-04-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-31690
EUVD
EUVD-2026-25887
Affected Vendors & Products
Showing 9 associated CPEs
Vendor Product Version / Range
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel From 6.19 (inc) to 6.19.13 (exc)
linux linux_kernel From 6.15 (inc) to 6.18.23 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's TH1520 AON firmware protocol driver. It involves two main issues:

  • A potential buffer overflow caused by unsafe pointer arithmetic when accessing the 'mode' field through the 'resource' pointer with an offset.
  • The use of custom RPC_SET_BE* and RPC_GET_BE* macros for endianness conversion, which were replaced with standard kernel endianness conversion macros (like cpu_to_be16) to improve portability and maintainability.

The buffer overflow was identified by the Smatch static checker and fixed to prevent possible memory corruption.

Compliance Impact

The provided information does not include any details about the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Impact Analysis

The primary impact of this vulnerability is the risk of a buffer overflow in the firmware driver, which could potentially lead to memory corruption.

Memory corruption can cause system instability, crashes, or potentially allow an attacker to execute arbitrary code with kernel privileges, depending on the exploitation context.

Additionally, the replacement of custom endianness macros with standard ones improves the reliability and maintainability of the driver, reducing the risk of bugs related to data interpretation across different hardware architectures.

Detection Guidance

This vulnerability relates to a buffer overflow and endian macro usage in the TH1520 AON firmware protocol driver within the Linux kernel. Detection would involve checking the kernel version or firmware version to confirm if the fix has been applied.

You can check the kernel messages for firmware loading related to powervr and the GPU firmware version by using the following command:

  • dmesg | grep powervr

Look for lines similar to: '[drm] loaded firmware powervr/rogue_36.52.104.182_v1.fw' and '[drm] FW version v1.0 (build 6645434 OS)' which indicate the firmware and driver initialization.

Additionally, verifying the kernel version or patch level that includes this fix would help confirm if the vulnerability is addressed.

Mitigation Strategies

To mitigate this vulnerability, update your Linux kernel to a version that includes the fix for the TH1520 AON firmware protocol driver buffer overflow and endian macro issues.

Ensure that the powervr GPU firmware is properly loaded and initialized as expected, which confirms the fix is in place.

Avoid using kernels or firmware versions prior to the fix to prevent exposure to the buffer overflow vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-31690. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart