CVE-2026-31722

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw in the USB gadget RNDIS component allows a network device to persist after the bind and unbind process, creating a zombie device. This occurs because the net device is allocated during function instance creation and registered with the gadget device as its sysfs parent; however, when the function unbinds, the parent device is destroyed while the net device survives, leading to dangling sysfs symlinks. This issue can impact system availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.