HIGHCVE-2026-31782Published Modified CNA Linux
CVE-2026-31782: perf/x86: Fix potential bad container_of in intel_pmu_hw_config
In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix potential bad container_of in intel_pmu_hw_config Auto counter reload may have a group of events with software events present within it. The software event PMU isn't the x86_hybrid_pmu and a container_of operation in intel_pmu_set_acr_caused_constr (via the hybrid helper) could cause out of bound memory reads. Avoid this by guarding the call to intel_pmu_set_acr_caused_constr with an is_x86_event check.
Metrics
- CVSS v3.1
- 7.8
- Severity
- HIGH
- Fixed in
- 0
- Affected Products
- 2
Fix available
06.18.226.19.127.0bfee04838f636d064bc92075c65c95f739003804dbde07f06226438cd2cf1179745fa1bec5d8914ae435a30ca6fe14c9611b1fc731c98a6d28410247
Affected packages
- Linux / Linux< e435a30ca6fe14c9611b1fc731c98a6d28410247 (from ec980e4facef8110f6fce27e5b6344660117f01f) · < bfee04838f636d064bc92075c65c95f739003804 (from ec980e4facef8110f6fce27e5b6344660117f01f) · < dbde07f06226438cd2cf1179745fa1bec5d8914a (from ec980e4facef8110f6fce27e5b6344660117f01f)
- Linux / Linux6.16Fixed in 0, 6.18.22, 6.19.12, 7.0
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H