CVE-2026-31745

Published: May 1, 2026Modified: May 7, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: reset: gpio: fix double free in reset_add_gpio_aux_device() error path When __auxiliary_device_add() fails, reset_add_gpio_aux_device() calls auxiliary_device_uninit(adev). The device release callback reset_gpio_aux_device_release() frees adev, but the current error path then calls kfree(adev) again, causing a double free. Keep kfree(adev) for the auxiliary_device_init() failure path, but avoid freeing adev after auxiliary_device_uninit().

Affected (8)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.19 to 6.19.12
Linux Linux Kernel	Version 7.0 rc1
Linux Linux Kernel	Version 7.0 rc2
Linux Linux Kernel	Version 7.0 rc3
Linux Linux Kernel	Version 7.0 rc4
Linux Linux Kernel	Version 7.0 rc5
Linux Linux Kernel	Version 7.0 rc6
Linux Linux Kernel	Version 7.0 rc7

Related CWEs

CWE-415

Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (2)

https://git.kernel.org/stable/c/1de465753220deb41569cf2add87bbb0673731db

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/fbffb8c7c7bb4d38e9f65e0bee446685011de5d8

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.