CVE-2026-31768
Awaiting Analysis Awaiting Analysis - Queue
Buffer Overflow Fix in Linux Kernel IIO ADC Driver

Publication date: 2026-05-01

Last updated on: 2026-05-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() Add a DMA-safe buffer and use it for spi_read() instead of a stack memory. All SPI buffers must be DMA-safe. Since we only need up to 3 bytes, we just use a u8[] instead of __be16 and __be32 and change the conversion functions appropriately.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-01
Last Modified
2026-05-03
Generated
2026-05-07
AI Q&A
2026-05-01
EPSS Evaluated
2026-05-05
NVD
CVE-2026-31768
EUVD
EUVD-2026-26581
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ti ti-adc161s626 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves the Linux kernel's handling of SPI read operations in the ti-adc161s626 driver. Specifically, the driver was using stack memory for spi_read(), which is not safe for Direct Memory Access (DMA) operations. The fix involves adding a DMA-safe buffer and using it for spi_read() instead of stack memory, ensuring that all SPI buffers are DMA-safe.


How can this vulnerability impact me? :

Using stack memory for DMA operations can lead to undefined behavior, including data corruption or system instability. This vulnerability could potentially cause incorrect data to be read from the ADC device or cause kernel crashes, impacting system reliability and data integrity.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart