In the Linux kernel, the following vulnerability has been resolved: nvme-pci: ensure we're polling a polled queue A user can change the polled queue count at run time. There's a brief window during a reset where a hipri task may try to poll that queue before the block layer has updated the queue maps, which would race with the now interrupt driven queue and may cause double completions.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Linux
  • Linux Kernel

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors Products
Linux
  • Linux Kernel
References
Link Providers
https://git.kernel.org/stable/c/0685dd9cb855ab77fcf3577b4702ba1d6df1c98d cve-icon cve-icon
https://git.kernel.org/stable/c/166e31d7dbf6aa44829b98aa446bda5c9580f12a cve-icon cve-icon
https://git.kernel.org/stable/c/6f12734c4b619f923a4df0b1a46b8098b187d324 cve-icon cve-icon
https://git.kernel.org/stable/c/965e2c943f065122f14282a88d70a8a92e12a4da cve-icon cve-icon
https://git.kernel.org/stable/c/acbc72dd1a09df53cafcf577259f4678be6afd6d cve-icon cve-icon
https://git.kernel.org/stable/c/b222680ba55e018426c4535067a008f1d81a5d21 cve-icon cve-icon
https://git.kernel.org/stable/c/b96c7b25eb1b748f3e3b1832ebf028b0b223d7e3 cve-icon cve-icon
https://git.kernel.org/stable/c/ba167d5982e2eb6ff9356d409eca592ce99555da cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026042212-CVE-2026-31523-1f48@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-31523 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-31523 cve-icon
History

Thu, 23 Apr 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-367
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

threat_severity

Moderate

Wed, 22 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: nvme-pci: ensure we're polling a polled queue A user can change the polled queue count at run time. There's a brief window during a reset where a hipri task may try to poll that queue before the block layer has updated the queue maps, which would race with the now interrupt driven queue and may cause double completions.
Title nvme-pci: ensure we're polling a polled queue
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-04-22T13:54:37.568Z

Reserved: 2026-03-09T15:48:24.110Z

Link: CVE-2026-31523

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-04-22T14:16:52.263

Modified: 2026-04-22T14:16:52.263

Link: CVE-2026-31523

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-04-22T00:00:00Z

Links: CVE-2026-31523 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T20:15:20Z