CVE-2026-31784 - Vulnerability Details

- drm/xe/pxp: Clear restart flag in pxp_start after jumping back

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/pxp: Clear restart flag in pxp_start after jumping back

If we don't clear the flag we'll keep jumping back at the beginning of
the function once we reach the end.

(cherry picked from commit 0850ec7bb2459602351639dccf7a68a03c9d1ee0)

Published: 2026-05-01

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

In the Linux kernel’s DRM Xe driver, the function pxp_start fails to clear a restart flag after returning from a conditional jump. Consequently the function repeatedly jumps back to its beginning once it reaches the end, creating an infinite loop that can tie the GPU channel and stall GPU‑related operations. This loop does not directly allow code execution but can lead to a denial‑of‑service condition by preventing the driver from returning control to userspace or other kernel components.

Affected Systems

The flaw affects the Linux kernel wherever the drm/xe/pxp component is compiled and loaded. All builds that include the Xe DRM driver are potentially impacted; no specific kernel version is listed, so any deployment that has not applied the fix may be vulnerable.

Risk and Exploitability

The EPSS score is not available and the vulnerability is not listed in CISA KEV, indicating no known active exploitation. Because the bug resides in a privileged kernel module, exploitation would require local ability to load or modify kernel modules, or an attacker with already elevated privileges. No CVSS score is provided, so the severity cannot be quantified, but the attack would likely result in service disruption rather than privilege escalation or data compromise.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`ccd3c6820a9024bcb68c249b644b5e42f0f7b9d2`	affected	< 9e962e68a9d26135af67c423767c0983d9ad94c3
`ccd3c6820a9024bcb68c249b644b5e42f0f7b9d2`	affected	< 400ee45f80480c05c3fa673967f25faab8323753
`ccd3c6820a9024bcb68c249b644b5e42f0f7b9d2`	affected	< 76903b2057c8677c2c006e87fede15f496555dc0

Linux

affected

Version	Status	Constraints
`6.17`	affected	—
`0`	unaffected	< 6.17
`6.18.22`	unaffected	≤ 6.18.*
`6.19.12`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[ccd3c6820a9024bcb68c249b644b5e42f0f7b9d2,9e962e68a9d26135af67c423767c0983d9ad94c3)`	affected	code_commit	—
`[ccd3c6820a9024bcb68c249b644b5e42f0f7b9d2,400ee45f80480c05c3fa673967f25faab8323753)`	affected	code_commit	—
`[ccd3c6820a9024bcb68c249b644b5e42f0f7b9d2,76903b2057c8677c2c006e87fede15f496555dc0)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`6.17`	affected	generic	—
`[0,6.17)`	unaffected	generic	—
`[6.18.22,6.19.0)`	unaffected	semver	—
`[6.19.12,6.20.0)`	unaffected	semver	—
`[7.0,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update your Linux kernel to a version that includes commit 0850ec7bb2459602351639dccf7a68a03c9d1ee0
Reboot to apply changes and ensure the kernel module is reloaded
If immediate update is not possible, temporarily unload the drm_xe module or disable Xe DRM to prevent the infinite loop

Generated by OpenCVE AI on May 2, 2026 at 07:18 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/400ee45f80480c05c3fa673967f25faab8323753
https://git.kernel.org/stable/c/76903b2057c8677c2c006e87fede15f496555dc0
https://git.kernel.org/stable/c/9e962e68a9d26135af67c423767c0983d9ad94c3

History

Sat, 02 May 2026 07:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-368

Fri, 01 May 2026 14:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: drm/xe/pxp: Clear restart flag in pxp_start after jumping back If we don't clear the flag we'll keep jumping back at the beginning of the function once we reach the end. (cherry picked from commit 0850ec7bb2459602351639dccf7a68a03c9d1ee0)
Title		drm/xe/pxp: Clear restart flag in pxp_start after jumping back
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/400ee45f80480c05c3fa673967f25faab8323753 https://git.kernel.org/stable/c/76903b2057c8677c2c006e87fede15f496555dc0 https://git.kernel.org/stable/c/9e962e68a9d26135af67c423767c0983d9ad94c3

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-01T14:15:09.945Z

Updated: 2026-05-01T14:15:09.945Z

Reserved: 2026-03-09T15:48:24.141Z

Link: CVE-2026-31784

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-01T15:16:41.923

Modified: 2026-05-01T15:24:14.893

Link: CVE-2026-31784

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-02T07:30:36Z

Weaknesses

CWE-368

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object