CVE-2026-31629 - Vulnerability Analysis
High | CVSS: 8.8 | Last Updated: April 27, 2026
Linux Kernel - Use After Free
Published: April 24, 2026 | Updated: April 27, 2026
Overview
The Linux kernel contains a use-after-free caused by missing return statements after the LLCP_CLOSED checks in nfc_llcp_recv_hdlc() and nfc_llcp_recv_disc(). The missing returns let attackers trigger a double release, leading to memory corruption. Exploitation requires triggering specific socket states.
Severity & Score
Severity: High
CVSS Score: 8.8
Impact
Attackers can cause a use-after-free, leading to potential memory corruption or denial of service.
Mitigation
Update to the latest Linux kernel version containing the fix for missing return statements after LLCP_CLOSED checks.
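The bug class described in the Overview and the shape of the fix named in the Mitigation, as an added user-space model that is not kernel code and not taken from the referenced commits. All names are hypothetical, and the model assumes the handler takes its own reference on entry and drops it on a common exit path.

```c
#include <stdio.h>

/* User-space model only: every name here is hypothetical, not kernel code. */
enum model_state { MODEL_CONNECTED, MODEL_CLOSED };

struct model_sock {
    enum model_state state;
    int refs;   /* references held; the object is freed when this hits 0 */
};

/* Models a receive handler; the lookup at the top takes its own reference. */
static void model_recv(struct model_sock *s, int return_after_closed)
{
    s->refs++;                       /* reference taken by the lookup */
    /* socket lock taken here */
    if (s->state == MODEL_CLOSED) {
        /* socket lock released here */
        s->refs--;                   /* drop the lookup reference */
        if (return_after_closed)
            return;                  /* fixed form: stop after the release */
        /* vulnerable form: no return, so the exit path below runs as well */
    }
    /* frame handling for a live connection would go here */
    /* socket lock released here (a second time in the vulnerable form) */
    s->refs--;                       /* common exit path drops the reference */
}

/* Runs one handler call on a socket whose owner holds exactly one reference.
 * Returns the references left afterwards. A result below 1 means the owner's
 * reference was consumed, so the object is freed while the owner still
 * holds a pointer to it. */
static int refs_after_recv(enum model_state st, int return_after_closed)
{
    struct model_sock s = { st, 1 };
    model_recv(&s, return_after_closed);
    return s.refs;
}

int main(void)
{
    printf("closed, no return: refs=%d\n", refs_after_recv(MODEL_CLOSED, 0));
    printf("closed, return:    refs=%d\n", refs_after_recv(MODEL_CLOSED, 1));
    printf("connected:         refs=%d\n", refs_after_recv(MODEL_CONNECTED, 0));
    return 0;
}
```

Only the closed-state path differs between the two forms, which matches the page's note that specific socket states are required.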
References
- https://git.kernel.org/stable/c/2b5dd4632966c39da6ba74dbc8689b309065e82c
- https://git.kernel.org/stable/c/0eb1263a3b8c36418c9ba295c9ab3abed664edbf
- https://git.kernel.org/stable/c/796e0cac058252d0ad34ebe288e6f7979b5fc9b2
- https://git.kernel.org/stable/c/8977fad2b3c6eefd414131168d597c5d1d5e1abf
- https://git.kernel.org/stable/c/aba4712e8f0381cd5d196534ce2ad082626a5ab6
- https://git.kernel.org/stable/c/ff3d9e8f7244293e303f7b6ef70774291c7c27e9
Details
- CVE ID: CVE-2026-31629
- Severity: High
- CVSS Score: 8.8
- Type: use_after_free
- Status: unconfirmed
CVSS Metrics
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H