CVE-2026-31567

EPSS 0.01%
Veröffentlicht 24.04.2026 14:35:47
Zuletzt bearbeitet 27.04.2026 20:32:24
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

PM: sleep: Drop spurious WARN_ON() from pm_restore_gfp_mask()

In the Linux kernel, the following vulnerability has been resolved:

PM: sleep: Drop spurious WARN_ON() from pm_restore_gfp_mask()

Commit 35e4a69b2003f ("PM: sleep: Allow pm_restrict_gfp_mask()
stacking") introduced refcount-based GFP mask management that warns
when pm_restore_gfp_mask() is called with saved_gfp_count == 0.

Some hibernation paths call pm_restore_gfp_mask() defensively where
the GFP mask may or may not be restricted depending on the execution
path. For example, the uswsusp interface invokes it in
SNAPSHOT_CREATE_IMAGE, SNAPSHOT_UNFREEZE, and snapshot_release().
Before the stacking change this was a silent no-op; it now triggers
a spurious WARNING.

Remove the WARN_ON() wrapper from the !saved_gfp_count check while
retaining the check itself, so that defensive calls remain harmless
without producing false warnings.

[ rjw: Subject tweak ]

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

NVD 11 VulnDex Vulnerability Enrichment 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.17.8 < 6.18

Linux ≫ Linux Kernel Version >= 6.18.1 < 6.18.21

Linux ≫ Linux Kernel Version >= 6.19 < 6.19.11

Linux ≫ Linux Kernel Version6.18 Update-

Linux ≫ Linux Kernel Version7.0 Updaterc1

Linux ≫ Linux Kernel Version7.0 Updaterc2

Linux ≫ Linux Kernel Version7.0 Updaterc3

Linux ≫ Linux Kernel Version7.0 Updaterc4

Linux ≫ Linux Kernel Version7.0 Updaterc5

Linux ≫ Linux Kernel Version7.0 Updaterc6

Linux ≫ Linux Kernel Version7.0 Updaterc7

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.023

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

https://git.kernel.org/stable/c/3025ca5daa9d682b629c0c958b538e41deeb559d

Patch

https://git.kernel.org/stable/c/f19d1323aa3dd7ead469aef47d9085f8939565d9

Patch

https://git.kernel.org/stable/c/a8d51efb5929ae308895455a3e496b5eca2cd143

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-31567

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-31567

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-31567

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-31567