PT-2026-35002 · Linux · Linux Kernel
Published: 2026-04-24 · Updated: 2026-04-28 · CVE-2026-31650
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A use-after-free issue exists in the mmc vub300 driver. The driver maintains an explicit reference count for the controller and its driver data, but the last reference could be dropped after the driver was unbound. This occurs because the controller allocation was device-managed. Additionally, the lifetime was incorrectly tied to the parent USB device instead of the interface, which could lead to memory leaks if the driver was unbound without the device being physically disconnected, such as during probe deferral.
Recommendations
Revert to non-managed allocation of the controller.
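The lifetime mismatch described above, and why a non-managed allocation closes it, shown as a userspace C model added here for illustration (it is not the vub300 driver's code or the upstream patch). All names are hypothetical, and a flag stored outside the object stands in for the freed state so the model never reads freed memory.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Userspace model; every name here is hypothetical, not vub300 driver code. */
struct host {
    int refs;      /* explicit reference count kept by the driver */
    bool managed;  /* true: allocation is released automatically at unbind */
    bool *freed;   /* out-of-band tracker, so freed memory is never read */
};

static void host_release(struct host *h) { *h->freed = true; free(h); }

/* Drop one reference; the last put frees only in the non-managed model. */
static void host_put(struct host *h)
{
    if (--h->refs == 0 && !h->managed)
        host_release(h);
}

/* Unbind: drop the probe reference, then run the managed release if any.
 * Returns how many references still point at memory that is now freed. */
static int driver_unbind(struct host *h)
{
    bool managed = h->managed, *freed = h->freed;
    int left = h->refs - 1;
    host_put(h);
    if (managed)
        host_release(h); /* runs regardless of the reference count */
    return *freed ? left : 0;
}

/* A deferred worker holds a second reference across unbind. */
static int dangling_after_unbind(bool managed, bool *freed)
{
    struct host *h = malloc(sizeof(*h));
    if (!h) return -1;
    *h = (struct host){ .refs = 2, .managed = managed, .freed = freed };
    *freed = false;
    int dangling = driver_unbind(h);
    if (!*freed)
        host_put(h); /* worker's put is the last one and frees the object */
    return dangling;
}

int main(void)
{
    bool f;
    printf("%d %d\n", dangling_after_unbind(true, &f), dangling_after_unbind(false, &f));
    return 0;
}
```

In the managed model one reference outlives the memory it points to; in the non-managed model the object is freed only by the final put.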
Fix
Use After Free
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel