Description
In the Linux kernel, the following vulnerability has been resolved:

dmaengine: xilinx: xdma: Fix regmap init error handling

devm_regmap_init_mmio returns an ERR_PTR() upon error, not NULL.
Fix the error check and also fix the error message. Use the error code
from ERR_PTR() instead of the wrong value in ret.
Published: 2026-04-22
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from the Xilinx XDMA DMA engine driver incorrectly handling the return value of a regmap initialization function; the code treats a ERR_PTR error as a NULL pointer, allowing the driver to proceed with an invalid regmap. This oversight can lead to kernel crashes or memory corruption, compromising system stability but not exposing data or enabling remote code execution.

Affected Systems

All Linux kernel releases that incorporate the Xilinx XDMA driver before the fix was applied are affected. The patch was merged into stable kernel branches in early 2026, and the affected range includes kernels from the 7.0 release series (rc1 through rc6) and earlier stable releases that contain the unpatched driver.

Risk and Exploitability

The EPSS score is below 1 % and the CVSS score is 5.5, indicating a moderate severity but low likelihood of exploitation. Because the flaw resides in kernel‑mode code that requires the driver to be loaded or the associated hardware to be accessed, the attack vector is inferred to be local or dependent on interaction with Xilinx XDMA hardware; this inference is not explicitly stated in the CVE data. The vulnerability is not listed in the CISA KEV catalog, further reducing the expected threat level. Overall risk is limited to potential system instability or denial of service when the DMA hardware is used.

Generated by OpenCVE AI on May 19, 2026 at 23:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the kernel to a version that contains the regmap initialization fix for the Xilinx XDMA driver
  • Reboot the system after installing the updated kernel to ensure the corrected driver is loaded
  • If an immediate kernel upgrade is not possible, disable the Xilinx XDMA module or prevent the relevant hardware from being accessed until the patch is applied

Generated by OpenCVE AI on May 19, 2026 at 23:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6238-1 linux security update
History

Tue, 19 May 2026 22:00:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Thu, 23 Apr 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-390
References

Wed, 22 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap init error handling devm_regmap_init_mmio returns an ERR_PTR() upon error, not NULL. Fix the error check and also fix the error message. Use the error code from ERR_PTR() instead of the wrong value in ret.
Title dmaengine: xilinx: xdma: Fix regmap init error handling
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-11T22:08:43.715Z

Reserved: 2026-03-09T15:48:24.090Z

Link: CVE-2026-31439

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-04-22T14:16:37.240

Modified: 2026-05-19T21:55:10.253

Link: CVE-2026-31439

cve-icon Redhat

Severity :

Publid Date: 2026-04-22T00:00:00Z

Links: CVE-2026-31439 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-20T00:00:16Z

Weaknesses