Improper resource shutdown or release in Linux kernel - CVE-2026-31762
Published: May 2, 2026
Vulnerability identifier: #VU128929
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-31762
CWE-ID: CWE-404
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper resource shutdown or release in mpu3050_trigger_probe() in drivers/iio/gyro/mpu3050-core.c when handling trigger registration failures after setting up an interrupt handler. A local user can trigger the vulnerable error path to cause a denial of service.
How to mitigate CVE-2026-31762
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/3a8e68d65a443de05061818823037931674740e0
- https://git.kernel.org/stable/c/4216db1043a3be72ef9c2b7b9f393d7fa72496e6
- https://git.kernel.org/stable/c/658d9deb45d5032baf388ac51991d1e789157334
- https://git.kernel.org/stable/c/889253494ec73d60bd47c0518f8fe3a748520d5b
- https://git.kernel.org/stable/c/8f237c408f3007d7d9667623ffb41a9e9d661ee9
- https://git.kernel.org/stable/c/b52fd1644ad2c4e96bbec97543a966d7ad8f21ea
- https://git.kernel.org/stable/c/beb23092571e627190f23da4bb8548065cacd89c
- https://git.kernel.org/stable/c/e66215fc1878357d5c980066e650f542330524af