{
  "threat_severity" : "Moderate",
  "public_date" : "2026-04-22T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: xfs: avoid dereferencing log items after push callbacks",
    "id" : "2460731",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2460731"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.0",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-825",
  "details" : [ "A flaw was found in the Linux kernel's XFS filesystem. This vulnerability arises when log items are accessed after their memory has been freed, specifically during certain push callbacks if the Active Item List (AIL) lock is released. This memory corruption can lead to a system crash, resulting in a Denial of Service (DoS)." ],
  "statement" : "Upstream adjusted XFS AIL push tracing to avoid dereferencing freed log items after `iop_push()` drops the lock. Red Hat categorizes the issue as local kernel memory safety in XFS journaling paths. Customers running XFS should plan for patched kernels from their product stream. Mitigation is limited to preventing the xfs kernel module from loading where policy allows.",
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-31453\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-31453\nhttps://lore.kernel.org/linux-cve-announce/2026042248-CVE-2026-31453-6c3f@gregkh/T" ],
  "name" : "CVE-2026-31453",
  "mitigation" : {
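    "value" : "To mitigate this issue, prevent the xfs module from being loaded. This is only practical on systems that do not have XFS filesystems mounted, including the root filesystem. See https://access.redhat.com/solutions/41278 for instructions.",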
    "lang" : "en:us"
  },
  "csaw" : false
}