Use-after-free in Linux kernel - CVE-2026-31581
Published: April 25, 2026
Vulnerability identifier: #VU127822
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-31581
CWE-ID: CWE-416
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a use-after-free in usb6fire_chip_abort() in the ALSA 6fire USB driver when handling device disconnect. A local user can trigger a device disconnect to cause a denial of service.
The issue occurs because the card private data may be freed synchronously when no file handles are open, after which the code accesses the freed chip structure.
How to mitigate CVE-2026-31581
Install security update from vendor's repository.