{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31627", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.124Z", "datePublished": "2026-04-24T14:42:48.342Z", "dateUpdated": "2026-04-25T05:48:26.443Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-04-25T05:48:26.443Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: s3c24xx: check the size of the SMBUS message before using it\n\nThe first byte of an i2c SMBUS message is the size, and it should be\nverified to ensure that it is in the range of 0..I2C_SMBUS_BLOCK_MAX\nbefore processing it.\n\nThis is the same logic that was added in commit a6e04f05ce0b (\"i2c:\ntegra: check msg length in SMBUS block read\") to the i2c tegra driver."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/i2c/busses/i2c-s3c2410.c"], "versions": [{"version": "85747311ecb6167c989093c64a13807366fdd3a9", "lessThan": "d87d5620125a03b1eadbd5df39748215d3db7ddb", "status": "affected", "versionType": "git"}, {"version": "85747311ecb6167c989093c64a13807366fdd3a9", "lessThan": "377fae22a137b6b89f3f32399a58c52cf2325416", "status": "affected", "versionType": "git"}, {"version": "85747311ecb6167c989093c64a13807366fdd3a9", "lessThan": "71b3c316b22c555d2769126a92b1244b15a9750d", "status": "affected", "versionType": "git"}, {"version": "85747311ecb6167c989093c64a13807366fdd3a9", "lessThan": "aaaaec39ddbcd06770dca7f1adebc3b1242ebe7b", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/i2c/busses/i2c-s3c2410.c"], "versions": [{"version": "3.10", "status": "affected"}, {"version": "0", "lessThan": "3.10", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.83", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.24", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.14", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.1", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10", "versionEndExcluding": "6.12.83"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10", "versionEndExcluding": "6.18.24"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10", "versionEndExcluding": "6.19.14"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10", "versionEndExcluding": "7.0.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/d87d5620125a03b1eadbd5df39748215d3db7ddb"}, {"url": "https://git.kernel.org/stable/c/377fae22a137b6b89f3f32399a58c52cf2325416"}, {"url": "https://git.kernel.org/stable/c/71b3c316b22c555d2769126a92b1244b15a9750d"}, {"url": "https://git.kernel.org/stable/c/aaaaec39ddbcd06770dca7f1adebc3b1242ebe7b"}], "title": "i2c: s3c24xx: check the size of the SMBUS message before using it", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: s3c24xx: check the size of the SMBUS message before using it\n\nThe first byte of an i2c SMBUS message is the size, and it should be\nverified to ensure that it is in the range of 0..I2C_SMBUS_BLOCK_MAX\nbefore processing it.\n\nThis is the same logic that was added in commit a6e04f05ce0b (\"i2c:\ntegra: check msg length in SMBUS block read\") to the i2c tegra driver."}], "id": "CVE-2026-31627", "lastModified": "2026-04-24T17:51:40.810", "metrics": {}, "published": "2026-04-24T15:16:42.003", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/377fae22a137b6b89f3f32399a58c52cf2325416"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/71b3c316b22c555d2769126a92b1244b15a9750d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/aaaaec39ddbcd06770dca7f1adebc3b1242ebe7b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d87d5620125a03b1eadbd5df39748215d3db7ddb"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: i2c: s3c24xx: check the size of the SMBUS message before using it", "id": "2461439", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461439"}, "csaw": false, "details": ["No description is available for this CVE."], "name": "CVE-2026-31627", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-31627\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-31627\nhttps://lore.kernel.org/linux-cve-announce/2026042427-CVE-2026-31627-bd9b@gregkh/T"]}