{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31460", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.092Z", "datePublished": "2026-04-22T13:53:52.202Z", "dateUpdated": "2026-04-22T13:53:52.202Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-04-22T13:53:52.202Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: check if ext_caps is valid in BL setup\n\nLVDS connectors don't have extended backlight caps so check\nif the pointer is valid before accessing it.\n\n(cherry picked from commit 3f797396d7f4eb9bb6eded184bbc6f033628a6f6)"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c"], "versions": [{"version": "1454642960b0a4fafd48b08919d39350ee2ac372", "lessThan": "60b0524bfb7d691ab378cdc788209f11cd34da89", "status": "affected", "versionType": "git"}, {"version": "1454642960b0a4fafd48b08919d39350ee2ac372", "lessThan": "9da4f9964abcaeb6e19797d5e3b10faad338a786", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c"], "versions": [{"version": "6.19", "status": "affected"}, {"version": "0", "lessThan": "6.19", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.11", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.19", "versionEndExcluding": "6.19.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.19", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/60b0524bfb7d691ab378cdc788209f11cd34da89"}, {"url": "https://git.kernel.org/stable/c/9da4f9964abcaeb6e19797d5e3b10faad338a786"}], "title": "drm/amd/display: check if ext_caps is valid in BL setup", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: check if ext_caps is valid in BL setup\n\nLVDS connectors don't have extended backlight caps so check\nif the pointer is valid before accessing it.\n\n(cherry picked from commit 3f797396d7f4eb9bb6eded184bbc6f033628a6f6)"}], "id": "CVE-2026-31460", "lastModified": "2026-04-23T16:17:41.280", "metrics": {}, "published": "2026-04-22T14:16:41.550", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/60b0524bfb7d691ab378cdc788209f11cd34da89"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9da4f9964abcaeb6e19797d5e3b10faad338a786"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: drm/amd/display: check if ext_caps is valid in BL setup", "id": "2460636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460636"}, "csaw": false, "cwe": "CWE-476", "details": ["A flaw was found in the `drm/amd/display` component of the Linux kernel. This vulnerability occurs because the system attempts to access extended backlight capabilities without first verifying if the pointer to these capabilities is valid, specifically when dealing with LVDS connectors. An attacker could potentially trigger a system crash, leading to a Denial of Service (DoS)."], "name": "CVE-2026-31460", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-31460\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-31460\nhttps://lore.kernel.org/linux-cve-announce/2026042251-CVE-2026-31460-2405@gregkh/T"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[1454642960b0a4fafd48b08919d39350ee2ac372,60b0524bfb7d691ab378cdc788209f11cd34da89)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[1454642960b0a4fafd48b08919d39350ee2ac372,9da4f9964abcaeb6e19797d5e3b10faad338a786)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.19"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.19)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.11,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.0,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-04-22T17:00:11.731675+00:00", "updated": "2026-04-22T17:00:11.731762+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}