Use-After-Free Vulnerability in Linux Kernel Affecting virt_wifi Devices
CVE-2026-31695

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 May 2026

What is CVE-2026-31695?

A vulnerability has been identified within the Linux kernel that affects virt_wifi devices. The issue arises during the unregistration of a virt_wifi device, specifically through the 'SET_NETDEV_DEV' functionality. This leads to a use-after-free scenario, where the system may attempt to access freed memory during ethtool operations, potentially resulting in undefined behavior or system crashes. This fix aims to enhance the stability and reliability of virt_wifi devices by removing the 'SET_NETDEV_DEV' function to prevent such memory access conflicts.

Affected Version(s)

Linux d43c65b05b848e0b2db1a6c78b02c189da3a95b5

References

https://git.kernel.org/stable/c/e90f3e74e1ebc26c461a74be4...

https://git.kernel.org/stable/c/dcb5915696bd7b32b6404a897...

https://git.kernel.org/stable/c/d1e3aa80e6e04410ba89eaaba...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 1, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31695 Data

JSON