CVE-2026-31583

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free issue exists in the em28xx driver. The function em28xx v4l2 open() reads the dev->v4l2 variable without holding the dev->lock, which creates a race condition with the error path of em28xx v4l2 init() and the em28xx v4l2 fini() function. Both of these functions free the em28xx v4l2 structure and set dev->v4l2 to NULL while holding the lock. This race condition can lead to a use-after-free in v4l2 fh init() when accessing vdev->ctrl handler or a NULL pointer dereference in em28xx resolution set() when accessing v4l2->norm.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.