CVE-2026-31629

April 24, 2026, 5:51 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: add missing return after LLCP_CLOSED checks In nfc_llcp_recv_hdlc() and nfc_llcp_recv_disc(), when the socket state is LLCP_CLOSED, the code correctly calls release_sock() and nfc_llcp_sock_put() but fails to return. Execution falls through to the remainder of the function, which calls release_sock() and nfc_llcp_sock_put() again. This results in a double release_sock() and a refcount underflow via double nfc_llcp_sock_put(), leading to a use-after-free. Add the missing return statements after the LLCP_CLOSED branches in both functions to prevent the fall-through.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o linux linux_kernel / / / / / / / /

References

https://git.kernel.org/stable/c/796e0cac058252d0ad34ebe288e6f7979b5fc9b2
https://git.kernel.org/stable/c/8977fad2b3c6eefd414131168d597c5d1d5e1abf
https://git.kernel.org/stable/c/aba4712e8f0381cd5d196534ce2ad082626a5ab6
https://git.kernel.org/stable/c/ff3d9e8f7244293e303f7b6ef70774291c7c27e9

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2026-04-24
CVE-2026-31629

Timeline

Published: April 24, 2026, 3:16 p.m.
Last Modified: April 24, 2026, 5:51 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.