iio: adc: ti-adc161s626: use DMA-safe memory for spi_read()_CVE-2026-31768

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

In the Linux kernel, the following vulnerability has been resolved:

iio: adc: ti-adc161s626: use DMA-safe memory for spi_read()

Add a DMA-safe buffer and use it for spi_read() instead of a stack
memory. All SPI buffers must be DMA-safe.

Since we only need up to 3 bytes, we just use a u8[] instead of __be16
and __be32 and change the conversion functions appropriately.

Basic Information

ID CVE-2026-31768

Source Linux

Published May 1, 2026 at 14:14

Modified May 3, 2026 at 05:45

Affected Product

Vendor Linux

Product Linux

Version 4d671b71beefbfc145b971a11e0c3cabde94b673

Affected Versions Linux Linux 4d671b71beefbfc145b971a11e0c3cabde94b673
Linux Linux 4d671b71beefbfc145b971a11e0c3cabde94b673
Linux Linux 4d671b71beefbfc145b971a11e0c3cabde94b673
Linux Linux 4d671b71beefbfc145b971a11e0c3cabde94b673
Linux Linux 4d671b71beefbfc145b971a11e0c3cabde94b673
Linux Linux 4d671b71beefbfc145b971a11e0c3cabde94b673
Linux Linux 4.9

References

{
    "lastseen": "",
    "description": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ti-adc161s626: use DMA-safe memory for spi_read()\n\nAdd a DMA-safe buffer and use it for spi_read() instead of a stack\nmemory. All SPI buffers must be DMA-safe.\n\nSince we only need up to 3 bytes, we just use a u8[] instead of __be16\nand __be32 and change the conversion functions appropriately.",
    "published": "2026-05-01T14:14:57.971Z",
    "modified": "2026-05-03T05:45:49.425Z",
    "type": "cve",
    "title": "iio: adc: ti-adc161s626: use DMA-safe memory for spi_read()",
    "source": "Linux",
    "references": "https://git.kernel.org/stable/c/b3bb8faeca1a2ef7be95ee8a512b639f9ffce947\nhttps://git.kernel.org/stable/c/fa64aab25aba47296aa8d12bb4c88ec3fecb2054\nhttps://git.kernel.org/stable/c/67b3a91bdc48220bfb67155ab528121b9c822782\nhttps://git.kernel.org/stable/c/014c6d27878d3883f7bb065610768fd021de1a96\nhttps://git.kernel.org/stable/c/d2d031b0786ea66ab0577c9d2d71435068d32199\nhttps://git.kernel.org/stable/c/768461517a28d80fe81ea4d5d03a90cd184ea6ad",
    "id": "CVE-2026-31768",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Linux Linux 4d671b71beefbfc145b971a11e0c3cabde94b673\nLinux Linux 4d671b71beefbfc145b971a11e0c3cabde94b673\nLinux Linux 4d671b71beefbfc145b971a11e0c3cabde94b673\nLinux Linux 4d671b71beefbfc145b971a11e0c3cabde94b673\nLinux Linux 4d671b71beefbfc145b971a11e0c3cabde94b673\nLinux Linux 4d671b71beefbfc145b971a11e0c3cabde94b673\nLinux Linux 4.9",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Linux",
    "version": "4d671b71beefbfc145b971a11e0c3cabde94b673",
    "vendor": "Linux",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply