CVE-2026-23330

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue within the Near Field Communication (NFC) subsystem related to incomplete data exchange handling during device closure. Specifically, the nci close device() function does not fully complete any pending data exchange before closing, potentially leading to a memory leak. This leak occurs because the data exchange callback function, such as rawsock data exchange complete(), holds a reference to a socket. The issue is observed in scenarios involving NIPA and can result in unreferenced objects.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.