PT-2026-34981 · Linux · Linux Kernel
Published
2026-04-24
·
Updated
2026-05-06
·
CVE-2026-31629
CVSS v3.1
8.8
High
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A use-after-free issue exists in the NFC LLCP component. In the functions
nfc llcp recv hdlc() and nfc llcp recv disc(), when the socket state is LLCP CLOSED, the code calls release sock() and nfc llcp sock put() but fails to return. This causes execution to fall through and call these functions a second time, resulting in a double release sock() and a reference count underflow via double nfc llcp sock put().Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Locking
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel