Linux Kernel Vulnerability in NFC Protocol Handling by Vendor
CVE-2026-31629

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 24 April 2026

What is CVE-2026-31629?

A flaw in the NFC protocol handling of the Linux Kernel causes potential issues during socket operations. In the functions nfc_llcp_recv_hdlc() and nfc_llcp_recv_disc(), a failure to return after checking for a closed socket state allows execution to incorrectly proceed. This oversight can lead to a double release of socket resources and subsequently trigger a use-after-free condition. The issue is addressed by ensuring proper return statements are added following the LLCP_CLOSED condition checks.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 796e0cac058252d0ad34ebe288e6f7979b5fc9b2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8977fad2b3c6eefd414131168d597c5d1d5e1abf

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/796e0cac058252d0ad34ebe28...

https://git.kernel.org/stable/c/8977fad2b3c6eefd414131168...

https://git.kernel.org/stable/c/ff3d9e8f7244293e303f7b6ef...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 24, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31629 Data

JSON