CVE-2026-31690

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

27/04/2026

Last modified:

27/04/2026

Description

In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the &#39;mode&#39; field through the &#39;resource&#39; pointer with an offset. This was flagged by Smatch static checker as: "buffer overflow &#39;data&#39; 2

Impact

References to Advisories, Solutions, and Tools

https://git.kernel.org/stable/c/88c4bd90725557796c15878b7cb70066e9e6b5ab
https://git.kernel.org/stable/c/bd15a5deb5a7251dc1a0cf9186f0253f7eacdb97
https://git.kernel.org/stable/c/fbdb43f6bb2a15ed382d6eb0ef82c8b07b0d47bb