CVE-2026-31399
ADVISORY - nistSummary
In the Linux kernel, the following vulnerability has been resolved:
nvdimm/bus: Fix potential use after free in asynchronous initialization
Dingisoul with KASAN reports a use after free if device_add() fails in nd_async_device_register().
Commit b6eae0f61db2 ("libnvdimm: Hold reference on parent while scheduling async init") correctly added a reference on the parent device to be held until asynchronous initialization was complete. However, if device_add() results in an allocation failure the ref count of the device drops to 0 prior to the parent pointer being accessed. Thus resulting in use after free.
The bug bot AI correctly identified the fix. Save a reference to the parent pointer to be used to drop the parent reference regardless of the outcome of device_add().
Common Weakness Enumeration (CWE)
Use After Free
Improper Update of Reference Count
NIST
1.8
CVSS SCORE
7.8highDebian
-
Ubuntu
1.8
CVSS SCORE
7.8lowAmazon
-
CVSS SCORE
N/AhighAmazon
-
CVSS SCORE
N/AhighAmazon
-
CVSS SCORE
N/AhighRed Hat
1.0
CVSS SCORE
4.7mediumOracle
-
CVSS SCORE
N/AhighPhoton
CVE-2026-31399
-