CVE-2026-31782 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix potential bad container_of in intel_pmu_hw_config Auto counter reload may have a group of events with software events present within it. The software event PMU isn't the x86_hybrid_pmu and a container_of operation in intel_pmu_set_acr_caused_constr (via the hybrid helper) could cause out of bound memory reads. Avoid this by guarding the call to intel_pmu_set_acr_caused_constr with an is_x86_event check.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/bfee04838f636d064bc92075c65c95f739003804
https://git.kernel.org/stable/c/dbde07f06226438cd2cf1179745fa1bec5d8914a
https://git.kernel.org/stable/c/e435a30ca6fe14c9611b1fc731c98a6d28410247

History

Fri, 01 May 2026 14:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix potential bad container_of in intel_pmu_hw_config Auto counter reload may have a group of events with software events present within it. The software event PMU isn't the x86_hybrid_pmu and a container_of operation in intel_pmu_set_acr_caused_constr (via the hybrid helper) could cause out of bound memory reads. Avoid this by guarding the call to intel_pmu_set_acr_caused_constr with an is_x86_event check.
Title		perf/x86: Fix potential bad container_of in intel_pmu_hw_config
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/bfee04838f636d064bc92075c65c95f739003804 https://git.kernel.org/stable/c/dbde07f06226438cd2cf1179745fa1bec5d8914a https://git.kernel.org/stable/c/e435a30ca6fe14c9611b1fc731c98a6d28410247

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-01T14:15:08.586Z

Updated: 2026-05-01T14:15:08.586Z

Reserved: 2026-03-09T15:48:24.141Z

Link: CVE-2026-31782

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-01T15:16:41.707

Modified: 2026-05-01T15:24:14.893

Link: CVE-2026-31782

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31782", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.141Z", "datePublished": "2026-05-01T14:15:08.586Z", "dateUpdated": "2026-05-01T14:15:08.586Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-01T14:15:08.586Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86: Fix potential bad container_of in intel_pmu_hw_config\n\nAuto counter reload may have a group of events with software events\npresent within it. The software event PMU isn't the x86_hybrid_pmu and\na container_of operation in intel_pmu_set_acr_caused_constr (via the\nhybrid helper) could cause out of bound memory reads. Avoid this by\nguarding the call to intel_pmu_set_acr_caused_constr with an\nis_x86_event check."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/events/intel/core.c"], "versions": [{"version": "ec980e4facef8110f6fce27e5b6344660117f01f", "lessThan": "e435a30ca6fe14c9611b1fc731c98a6d28410247", "status": "affected", "versionType": "git"}, {"version": "ec980e4facef8110f6fce27e5b6344660117f01f", "lessThan": "bfee04838f636d064bc92075c65c95f739003804", "status": "affected", "versionType": "git"}, {"version": "ec980e4facef8110f6fce27e5b6344660117f01f", "lessThan": "dbde07f06226438cd2cf1179745fa1bec5d8914a", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/events/intel/core.c"], "versions": [{"version": "6.16", "status": "affected"}, {"version": "0", "lessThan": "6.16", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.22", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.12", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "6.18.22"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "6.19.12"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/e435a30ca6fe14c9611b1fc731c98a6d28410247"}, {"url": "https://git.kernel.org/stable/c/bfee04838f636d064bc92075c65c95f739003804"}, {"url": "https://git.kernel.org/stable/c/dbde07f06226438cd2cf1179745fa1bec5d8914a"}], "title": "perf/x86: Fix potential bad container_of in intel_pmu_hw_config", "x_generator": {"engine": "bippy-1.2.0"}}}}