Linux Kernel nvme-pci Polling Queue Race (CVE202631523)
CVE-2026-31523 Published on April 22, 2026
nvme-pci: ensure we're polling a polled queue
In the Linux kernel, the following vulnerability has been resolved:
nvme-pci: ensure we're polling a polled queue
A user can change the polled queue count at run time. There's a brief
window during a reset where a hipri task may try to poll that queue
before the block layer has updated the queue maps, which would race with
the now interrupt driven queue and may cause double completions.
Products Associated with CVE-2026-31523
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below 965e2c943f065122f14282a88d70a8a92e12a4da is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below ba167d5982e2eb6ff9356d409eca592ce99555da is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below 0685dd9cb855ab77fcf3577b4702ba1d6df1c98d is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below 6f12734c4b619f923a4df0b1a46b8098b187d324 is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below acbc72dd1a09df53cafcf577259f4678be6afd6d is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below b96c7b25eb1b748f3e3b1832ebf028b0b223d7e3 is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below b222680ba55e018426c4535067a008f1d81a5d21 is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below 166e31d7dbf6aa44829b98aa446bda5c9580f12a is affected.
- Version 5.10.253, <= 5.10.* is unaffected.
- Version 5.15.203, <= 5.15.* is unaffected.
- Version 6.1.168, <= 6.1.* is unaffected.
- Version 6.6.131, <= 6.6.* is unaffected.
- Version 6.12.80, <= 6.12.* is unaffected.
- Version 6.18.21, <= 6.18.* is unaffected.
- Version 6.19.11, <= 6.19.* is unaffected.
- Version 7.0, <= * is unaffected.