CVE-2026-31509

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A circular locking dependency exists in the NFC NCI component. The nci close device() function flushes rx wq and tx wq while holding the req lock mutex. This creates a conflict because nci rx work() running on rx wq can also attempt to acquire req lock through a sequence of calls involving nci rx data packet(), nci data exchange complete(), sk destruct(), rawsock destruct(), nfc deactivate target(), nci deactivate target(), and nci request().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.