HIGHCVE-2026-31475Published Modified CNA Linux
CVE-2026-31475: ASoC: sma1307: fix double free of devm_kzalloc() memory
In the Linux kernel, the following vulnerability has been resolved: ASoC: sma1307: fix double free of devm_kzalloc() memory A previous change added NULL checks and cleanup for allocation failures in sma1307_setting_loaded(). However, the cleanup for mode_set entries is wrong. Those entries are allocated with devm_kzalloc(), so they are device-managed resources and must not be freed with kfree(). Manually freeing them in the error path can lead to a double free when devres later releases the same memory. Drop the manual kfree() loop and let devres handle the cleanup.
Metrics
- CVSS v3.1
- 7.8
- Severity
- HIGH
- Fixed in
- 0
- Affected Products
- 2
Fix available
01a82c3272626db9006f4c2cad3adf2916417aed66.156.18.216.19.117.0d472d1a52985211b92883bb64bbe710b45980190fe757092d2329c397ecb32f2bf68a5b1c4bd9193
Affected packages
- Linux / Linux< d472d1a52985211b92883bb64bbe710b45980190 (from 0ec6bd16705fe21d6429d6b8f7981eae2142bba8) · < 1a82c3272626db9006f4c2cad3adf2916417aed6 (from 0ec6bd16705fe21d6429d6b8f7981eae2142bba8) · < fe757092d2329c397ecb32f2bf68a5b1c4bd9193 (from 0ec6bd16705fe21d6429d6b8f7981eae2142bba8) · f8434b8ba437d3f6cbcd9ffe8405bd16ed28fc5c · < 6.15 (from 6.14.9)
- Linux / Linux6.15Fixed in 0, 6.18.21, 6.19.11, 7.0
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H