CVE-2026-31661
Published: April 25, 2026Last modified: May 1, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: Fix dma_free_coherent() size dma_alloc_consistent() may change the size to align it. The new size is saved in alloced. Change the free size to match the allocation size.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.170-r0) |
| 25 LTS | linux-lts | Fixed (6.12.85-r0) | |
| Stream | linux-lts | Fixed (6.12.85-r0) |
References
- https://git.kernel.org/stable/c/01f1330d3d1bee07e0c42d40cc48b7be8b6dad84
- https://git.kernel.org/stable/c/0f87777b74bcce29b966ec42d9aa8f9edd9b1667
- https://git.kernel.org/stable/c/12cd7632757a54ce586e36040210b1a738a0fc53
- https://git.kernel.org/stable/c/3c204a0fd079fa7a867151a47d830ad1c2db5177
- https://git.kernel.org/stable/c/4bf41c2731a0549e21f66180ff780b1e036639ab
- https://git.kernel.org/stable/c/77263f053963dea9f3962505ac0c768853d7dc59
- https://git.kernel.org/stable/c/b27fa888e4a426a3bcf6f6ab24701d888d9bf5aa
- https://git.kernel.org/stable/c/f449676bab54fea1440775c8c915dadb323fe015