CVE-2026-31768 PUBLISHED

iio: adc: ti-adc161s626: use DMA-safe memory for spi_read()

Assigner: Linux
Reserved: 09.03.2026 Published: 01.05.2026 Updated: 01.05.2026

In the Linux kernel, the following vulnerability has been resolved:

iio: adc: ti-adc161s626: use DMA-safe memory for spi_read()

Add a DMA-safe buffer and use it for spi_read() instead of a stack memory. All SPI buffers must be DMA-safe.

Since we only need up to 3 bytes, we just use a u8[] instead of __be16 and __be32 and change the conversion functions appropriately.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from 4d671b71beefbfc145b971a11e0c3cabde94b673 to b3bb8faeca1a2ef7be95ee8a512b639f9ffce947 (excl.)
  • affected from 4d671b71beefbfc145b971a11e0c3cabde94b673 to fa64aab25aba47296aa8d12bb4c88ec3fecb2054 (excl.)
  • affected from 4d671b71beefbfc145b971a11e0c3cabde94b673 to 67b3a91bdc48220bfb67155ab528121b9c822782 (excl.)
  • affected from 4d671b71beefbfc145b971a11e0c3cabde94b673 to 014c6d27878d3883f7bb065610768fd021de1a96 (excl.)
  • affected from 4d671b71beefbfc145b971a11e0c3cabde94b673 to d2d031b0786ea66ab0577c9d2d71435068d32199 (excl.)
  • affected from 4d671b71beefbfc145b971a11e0c3cabde94b673 to 768461517a28d80fe81ea4d5d03a90cd184ea6ad (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 4.9 is affected
  • unaffected from 0 to 4.9 (excl.)
  • unaffected from 6.1.168 to 6.1.* (incl.)
  • unaffected from 6.6.134 to 6.6.* (incl.)
  • unaffected from 6.12.81 to 6.12.* (incl.)
  • unaffected from 6.18.22 to 6.18.* (incl.)
  • unaffected from 6.19.12 to 6.19.* (incl.)
  • unaffected from 7.0 to * (incl.)

References