2461455 – (CVE-2026-31595) CVE-2026-31595 kernel: PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup

Bug 2461455 (CVE-2026-31595) - CVE-2026-31595 kernel: PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup

Summary: CVE-2026-31595 kernel: PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in ...

Keywords:
Status:	NEW
Alias:	CVE-2026-31595
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-04-24 15:02 UTC by OSIDB Bzimport
Modified:	2026-04-24 19:10 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-04-24 15:02:27 UTC

In the Linux kernel, the following vulnerability has been resolved:

PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup

Disable the delayed work before clearing BAR mappings and doorbells to
avoid running the handler after resources have been torn down.

  Unable to handle kernel paging request at virtual address ffff800083f46004
  [...]
  Internal error: Oops: 0000000096000007 [#1]  SMP
  [...]
  Call trace:
   epf_ntb_cmd_handler+0x54/0x200 [pci_epf_vntb] (P)
   process_one_work+0x154/0x3b0
   worker_thread+0x2c8/0x400
   kthread+0x148/0x210
   ret_from_fork+0x10/0x20

Comment 1 Keith Grant 2026-04-24 19:08:29 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026042416-CVE-2026-31595-b754@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.