Use of Incorrectly-Resolved Name or Reference in Linux kernel - CVE-2026-23291
Published: March 25, 2026
Vulnerability identifier: #VU124568
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-23291
CWE-ID: CWE-706
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper reference counting in the NFC pn533 USB driver when handling device disconnection. A local user can disconnect a USB NFC device to cause a dangling reference, leading to a denial of service.
The issue arises because the USB interface reference obtained during driver probe is not properly released upon disconnection.
How to mitigate CVE-2026-23291
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/00477cab053dc4816b99141d8fcca7a479cfebeb
- https://git.kernel.org/stable/c/12133a483dfa832241fbbf09321109a0ea8a520e
- https://git.kernel.org/stable/c/4551d6cea00224ab65a0ef35e4e6da0e9c0a2d74
- https://git.kernel.org/stable/c/7398d6570501edc55a50ece820f369ab3c1df2e7
- https://git.kernel.org/stable/c/7ff14eb070f0efecb2606f8d7aa01b77d188e886
- https://git.kernel.org/stable/c/d1f6d20b3c2642ec85ce6ea5da7155746c31c6d0