Skip to main content

Linux Kernel CVE-2026-31762

| EUVDEUVD-2026-26575 MEDIUM
Memory Leak (CWE-401)
2026-05-01 Linux
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

7
Analysis Generated
May 08, 2026 - 20:30 vuln.today
CVSS changed
May 08, 2026 - 18:22 NVD
5.5 (MEDIUM)
Patch available
May 01, 2026 - 16:33 EUVD
Patch released
May 01, 2026 - 15:24 nvd
Patch available
EUVD ID Assigned
May 01, 2026 - 15:00 euvd
EUVD-2026-26575
CVE Published
May 01, 2026 - 14:14 nvd
MEDIUM 5.5
CVE Published
May 01, 2026 - 14:14 nvd
N/A

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

iio: gyro: mpu3050: Fix irq resource leak

The interrupt handler is setup but only a few lines down if iio_trigger_register() fails the function returns without properly releasing the handler.

Add cleanup goto to resolve resource leak.

Detected by Smatch: drivers/iio/gyro/mpu3050-core.c:1128 mpu3050_trigger_probe() warn: 'irq' from request_threaded_irq() not released on lines: 1124.

AnalysisAI

Resource leak in the Linux kernel MPU3050 gyro driver allows local authenticated users to cause denial of service through memory exhaustion by repeatedly triggering iio_trigger_register() failures that fail to release previously allocated interrupt handlers. The vulnerability affects multiple kernel versions and requires local access with unprivileged user privileges, resulting in potential system availability impact with low real-world exploitation likelihood (EPSS 0.02%).

Technical ContextAI

The vulnerability exists in drivers/iio/gyro/mpu3050-core.c within the mpu3050_trigger_probe() function of the Industrial I/O (IIO) subsystem's MPU3050 three-axis gyroscope driver. The IIO framework provides a standardized interface for industrial input/output devices. The root cause is a resource leak in the interrupt handler allocation path: request_threaded_irq() successfully allocates and registers an interrupt handler, but if iio_trigger_register() subsequently fails a few lines later, the function returns without calling the corresponding free_irq() cleanup routine. This is a classic resource leak pattern (CWE-401: Missing Release of Memory after Effective Lifetime) where allocated kernel resources remain bound even after the function fails, preventing their reuse and potentially exhausting kernel memory over repeated exploitation cycles.

RemediationAI

Apply vendor-released kernel patches by upgrading to patched versions: Linux 5.10.253, 5.15.203, 6.1.168, 6.6.134, 6.12.81, 6.18.22, 6.19.12, or 7.0 (or later) depending on the currently deployed kernel branch. The fix adds a cleanup goto statement to properly call free_irq() when iio_trigger_register() fails, ensuring interrupt handlers are released before function return. For systems unable to immediately patch, the primary compensating control is to prevent unprivileged users from accessing interfaces that trigger mpu3050_trigger_probe() (such as by restricting access to relevant sysfs or device nodes to root or trusted applications only via file permissions and AppArmor/SELinux policies), though this trade-off may disable legitimate device functionality for non-root users. Systems not using MPU3050 gyroscope hardware are unaffected. Kernel maintainers have backported fixes to all actively maintained stable branches; deployment should follow standard kernel update procedures including testing the patched version before production deployment.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

CVE-2026-31762 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy