Linux Kernel Vulnerability in EDAC Memory Controller Driver
CVE-2026-31689

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 April 2026

What is CVE-2026-31689?

This vulnerability in the Linux Kernel affects the EDAC memory controller driver due to improper initialization of devices during the memory controller allocation process. When the memory controller's private information allocation fails, the error handling sequence incorrectly calls the device's release function before the device itself is properly initialized. This leads to potential system instability and could expose the system to unpredictable behavior, as the system attempts to deallocate uninitialized objects, resulting in a warning message and potential crashes. Developers need to ensure that the initialization sequence is correctly ordered to prevent such vulnerabilities from impacting system reliability.

Affected Version(s)

Linux 0bbb265f7089584aaa6d440805ca75ea4f3930d4

References

https://git.kernel.org/stable/c/aae95970fad2127a1bd49d871...

https://git.kernel.org/stable/c/d3de72e2a2b9ee3a57734c1c0...

https://git.kernel.org/stable/c/d20e98c2df9354cc744431ad8...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 27, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31689 Data

JSON