CVE-2026-31686

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A double-free issue exists in the Linux kernel's KASAN (Kernel Address Sanitizer) component. The kasan free pxd() function incorrectly assumes that the page table is always aligned with struct page, which is not true for all architectures. For example, on powerpc with 64K pagesize, the PUD table is sourced from a slab cache. This misalignment can lead to a double-free condition during page table deallocation, specifically within the kasan remove zero shadow() function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.