CVE-2026-31753

UNKNOWN 0.0

auxdisplay: line-display: fix NULL dereference in linedisp_release

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: auxdisplay: line-display: fix NULL dereference in linedisp_release linedisp_release() currently retrieves the enclosing struct linedisp via to_linedisp(). That lookup depends on the attachment list, but the attachment may already have been removed before put_device() invokes the release callback. This can happen in linedisp_unregister(), and can also be reached from some linedisp_register() error paths. In that case, to_linedisp() returns NULL and linedisp_release() dereferences it while freeing the display resources. The struct device released here is the embedded linedisp->dev used by linedisp_register(), so retrieve the enclosing object directly with container_of() instead.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	May 1, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

66c93809487e62c4f59ef08625a3fbc0a7de6dd2 < 625fdac41cfc4ca9e1774a0d31d7985aec2c1d66 66c93809487e62c4f59ef08625a3fbc0a7de6dd2 < 7f138de156b20d9f9da6f72f90b63c01941d97d3

Linux / Linux

6.19

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/625fdac41cfc4ca9e1774a0d31d7985aec2c1d66 git.kernel.org: https://git.kernel.org/stable/c/7f138de156b20d9f9da6f72f90b63c01941d97d3