{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31391", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.085Z", "datePublished": "2026-04-03T15:15:56.789Z", "dateUpdated": "2026-05-11T22:07:47.591Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:07:47.591Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: atmel-sha204a - Fix OOM ->tfm_count leak\n\nIf memory allocation fails, decrement ->tfm_count to avoid blocking\nfuture reads."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/atmel-sha204a.c"], "versions": [{"version": "da001fb651b00e1deeaf24767dd691ae8152a4f5", "lessThan": "c2d0c45dbb9eb272385ae919b17eef5a5318d3f8", "status": "affected", "versionType": "git"}, {"version": "da001fb651b00e1deeaf24767dd691ae8152a4f5", "lessThan": "66ee9c1c3575b5d6afc340faca00fd40ed5b7ad9", "status": "affected", "versionType": "git"}, {"version": "da001fb651b00e1deeaf24767dd691ae8152a4f5", "lessThan": "2bfc83cee05f8b9604502df27d94e8e2b4a3dbf1", "status": "affected", "versionType": "git"}, {"version": "da001fb651b00e1deeaf24767dd691ae8152a4f5", "lessThan": "1ab70c260cf16f931a728b2cb63fff5f38c814d8", "status": "affected", "versionType": "git"}, {"version": "da001fb651b00e1deeaf24767dd691ae8152a4f5", "lessThan": "6f502049a96b368ea6646c49d9520d6f69a101fa", "status": "affected", "versionType": "git"}, {"version": "da001fb651b00e1deeaf24767dd691ae8152a4f5", "lessThan": "fd262dc6d758232511127372eba866b7600739ba", "status": "affected", "versionType": "git"}, {"version": "da001fb651b00e1deeaf24767dd691ae8152a4f5", "lessThan": "d240b079a37e90af03fd7dfec94930eb6c83936e", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/atmel-sha204a.c"], "versions": [{"version": "5.3", "status": "affected"}, {"version": "0", "lessThan": "5.3", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.253", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.167", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.130", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.78", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.20", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.10", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "5.10.253"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.1.167"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.6.130"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.12.78"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.18.20"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.19.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/c2d0c45dbb9eb272385ae919b17eef5a5318d3f8"}, {"url": "https://git.kernel.org/stable/c/66ee9c1c3575b5d6afc340faca00fd40ed5b7ad9"}, {"url": "https://git.kernel.org/stable/c/2bfc83cee05f8b9604502df27d94e8e2b4a3dbf1"}, {"url": "https://git.kernel.org/stable/c/1ab70c260cf16f931a728b2cb63fff5f38c814d8"}, {"url": "https://git.kernel.org/stable/c/6f502049a96b368ea6646c49d9520d6f69a101fa"}, {"url": "https://git.kernel.org/stable/c/fd262dc6d758232511127372eba866b7600739ba"}, {"url": "https://git.kernel.org/stable/c/d240b079a37e90af03fd7dfec94930eb6c83936e"}], "title": "crypto: atmel-sha204a - Fix OOM ->tfm_count leak", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: atmel-sha204a - Fix OOM ->tfm_count leak\n\nIf memory allocation fails, decrement ->tfm_count to avoid blocking\nfuture reads."}], "id": "CVE-2026-31391", "lastModified": "2026-04-18T09:16:29.433", "metrics": {}, "published": "2026-04-03T16:16:37.123", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1ab70c260cf16f931a728b2cb63fff5f38c814d8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2bfc83cee05f8b9604502df27d94e8e2b4a3dbf1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/66ee9c1c3575b5d6afc340faca00fd40ed5b7ad9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6f502049a96b368ea6646c49d9520d6f69a101fa"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c2d0c45dbb9eb272385ae919b17eef5a5318d3f8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d240b079a37e90af03fd7dfec94930eb6c83936e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/fd262dc6d758232511127372eba866b7600739ba"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: crypto: atmel-sha204a - Fix OOM ->tfm_count leak", "id": "2454855", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454855"}, "csaw": false, "cwe": "CWE-911", "details": ["A flaw was found in the Linux kernel's atmel-sha204a component. This issue arises when the system attempts to allocate memory, and that allocation fails. If not properly handled, a resource counter, `tfm_count`, is not correctly decremented, leading to a resource leak. This can be exploited by a local user or process to prevent future read operations, effectively causing a Denial of Service (DoS) by making the system unresponsive to certain requests."], "name": "CVE-2026-31391", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-31391\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-31391\nhttps://lore.kernel.org/linux-cve-announce/2026040324-CVE-2026-31391-4b86@gregkh/T"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[da001fb651b00e1deeaf24767dd691ae8152a4f5,66ee9c1c3575b5d6afc340faca00fd40ed5b7ad9)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[da001fb651b00e1deeaf24767dd691ae8152a4f5,2bfc83cee05f8b9604502df27d94e8e2b4a3dbf1)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[da001fb651b00e1deeaf24767dd691ae8152a4f5,1ab70c260cf16f931a728b2cb63fff5f38c814d8)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[da001fb651b00e1deeaf24767dd691ae8152a4f5,6f502049a96b368ea6646c49d9520d6f69a101fa)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[da001fb651b00e1deeaf24767dd691ae8152a4f5,fd262dc6d758232511127372eba866b7600739ba)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[da001fb651b00e1deeaf24767dd691ae8152a4f5,d240b079a37e90af03fd7dfec94930eb6c83936e)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "5.3"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,5.3)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.2.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.7.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-07T10:07:45.697999+00:00", "value": {"mitigation_remediation": ["Update the Linux kernel to a release that includes the patch commits referenced in the advisory", "Confirm that the atmel\u2011sha204a driver module is present and up\u2011to\u2011date", "Monitor system logs for repeated out\u2011of\u2011memory errors during crypto operations", "If a kernel upgrade cannot be applied immediately, restrict the use of the atmel\u2011sha204a crypto functions in critical workloads"], "summary": {"action": "Immediate Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The vulnerability affects any Linux kernel that includes the Atmel SHA204a driver before the patch series referenced in the advisory. No explicit version list is supplied, so every kernel containing the buggy code path is potentially impacted until the update is applied.", "description_and_impact": "A flaw in the Atmel SHA204a crypto driver of the Linux kernel can cause the tfm_count counter to be decremented after a memory allocation failure. This incorrect counter modification leads to a resource counter leak and can block subsequent read operations, effectively turning normal crypto requests into delayed or frozen ones. The weakness involves improper resource release, as identified by CWE\u2011911.", "risk_and_exploitability": "The CVSS score is not disclosed, yet the EPSS score is below 1\u202f% and the issue is not recorded in the CISA Known Exploited Vulnerabilities catalog, indicating a low likelihood of exploitation. An attacker would need to provoke memory exhaustion within the crypto subsystem, a scenario that is typically local or privileged. The primary risk is a denial of service due to blocked future reads rather than remote code execution or data disclosure."}}}}, "created": "2026-04-03T21:13:20.936605+00:00", "updated": "2026-04-08T19:53:32.913076+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}