Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: auxdisplay: line-display: fix NULL dereference in linedisp_release linedisp_release() currently retrieves the enclosing struct linedisp via to_linedisp(). That lookup depends on the attachment list, but the attachment may already have been removed before put_device() invokes the release callback. This can happen in linedisp_unregister(), and can also be reached from some linedisp_register() error paths. In that case, to_linedisp() returns NULL and linedisp_release() dereferences it while freeing the display resources. The struct device released here is the embedded linedisp->dev used by linedisp_register(), so retrieve the enclosing object directly with container_of() instead.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.19, < 6.19.12 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/625fdac41cfc4ca9e1774a0d31d7985aec2c1d66Patch
- https://git.kernel.org/stable/c/7f138de156b20d9f9da6f72f90b63c01941d97d3Patch
FAQ
What is CVE-2026-31753?
CVE-2026-31753 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: auxdisplay: line-display: fix NULL dereference in linedisp_release linedisp_release() currently retrieves the enclosing struct lin...
How severe is CVE-2026-31753?
CVE-2026-31753 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-31753?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.