Race condition in Linux kernel - CVE-2026-31548
Published: April 25, 2026
Vulnerability identifier: #VU127856
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-31548
CWE-ID: CWE-362
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a race condition in cfg80211 PMSR handling when closing the nl80211 socket that originated a PMSR request while the interface is concurrently being torn down. A local user can trigger concurrent abort processing and interface teardown to cause a denial of service.
The issue can result in the driver's abort_pmsr callback operating on a torn-down interface.
How to mitigate CVE-2026-31548
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/28d3551f8d8cb3aec7497894d94150fe84d20e5e
- https://git.kernel.org/stable/c/37e776e2e0a523731e2470dce6d563f0e8632a40
- https://git.kernel.org/stable/c/6dccbc9f3e1d38565dff7730d2b7d1e8b16c9b09
- https://git.kernel.org/stable/c/72b7ea786b8e570ae11149e9089859a4a8634a13
- https://git.kernel.org/stable/c/a1b7a843f12a0c3e9d3a2ca607ce451916ef42cf
- https://git.kernel.org/stable/c/d32c07ef1880fe20cf4ab223dbfedc9c0b2816aa