Main Vulnerability Database SB2026021889

SB2026021889 - Out-of-bounds read in Linux kernel intel iaa driver

Published: February 18, 2026

Security Bulletin ID SB2026021889

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Out-of-bounds read (CVE-ID: CVE-2025-71231)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the function in drivers/crypto/intel/iaa/iaa_crypto_main.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/c77b33b58512708bd5603f48465f018c8b748847
https://git.kernel.org/stable/c/d75207465eed20bc9b0daa4a0927de9568996067
https://git.kernel.org/stable/c/de16f5bca05cace238d237791ed1b6e9d22dab60