# CVE-2026-31440

> Vulnerability · severity: **MEDIUM** (CVSS 5.5).

## Description

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: Fix leaking event log memory

During the device remove process, the device is reset, causing the
configuration registers to go back to their default state, which is
zero. As the driver is checking if the event log support was enabled
before deallocating, it will fail if a reset happened before.

Do not check if the support was enabled, the check for 'idxd->evl'
being valid (only allocated if the HW capability is available) is
enough.

## Key facts

- **CVE ID:** CVE-2026-31440
- **Published:** 2026-04-22
- **CVSS severity:** MEDIUM
- **CVSS base score:** 5.5
- **CWE codes:** CWE-401

## Affected products

- `linux:linux_kernel`

## Primary sources

- NIST NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-31440

## Citation

> AI Analytics. CVE-2026-31440. Retrieved 2026-07-19 from https://api.ai-analytics.org/cve/CVE-2026-31440. Derived from NIST NVD. Licensed CC0.

---

*[Dataset catalog](https://api.ai-analytics.org/datasets/) · [AI Analytics](https://api.ai-analytics.org/) · CC0 1.0*