CVE-2026-31750

UNKNOWN 0.0

comedi: runflags cannot determine whether to reclaim chanlist

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: comedi: runflags cannot determine whether to reclaim chanlist syzbot reported a memory leak [1], because commit 4e1da516debb ("comedi: Add reference counting for Comedi command handling") did not consider the exceptional exit case in do_cmd_ioctl() where runflags is not set. This caused chanlist not to be properly freed by do_become_nonbusy(), as it only frees chanlist when runflags is correctly set. Added a check in do_become_nonbusy() for the case where runflags is not set, to properly free the chanlist memory. [1] BUG: memory leak backtrace (crc 844a0efa): __comedi_get_user_chanlist drivers/comedi/comedi_fops.c:1815 [inline] do_cmd_ioctl.part.0+0x112/0x350 drivers/comedi/comedi_fops.c:1890 do_cmd_ioctl drivers/comedi/comedi_fops.c:1858 [inline]

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	May 1, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

4e1da516debbe6a573ffa0392e2809d180d0575c < 830c848aba9f047eb6b34288975ebeb8e8621451 4e1da516debbe6a573ffa0392e2809d180d0575c < 29f644f14b89e6c4965e3c89251929e451190a66

Linux / Linux

6.19

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/830c848aba9f047eb6b34288975ebeb8e8621451 git.kernel.org: https://git.kernel.org/stable/c/29f644f14b89e6c4965e3c89251929e451190a66