CVE-2026-31475

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A double free issue exists in the ASoC sma1307 component. The sma1307 setting loaded() function incorrectly uses kfree() to manually release memory for mode set entries that were allocated using devm kzalloc(). Since devm kzalloc() creates device-managed resources, the system automatically attempts to release this memory later, leading to a double free condition when the manual cleanup is triggered in the error path.

Recommendations Remove the manual kfree() loop and allow the devres framework to handle the cleanup of device-managed resources.