CVE-2026-31760
Memory Leak in Linux Kernel GPIB Driver
Publication date: 2026-05-01
Last updated on: 2026-05-01
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux_kernel | linux_kernel | * |
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's gpib driver, specifically in the lpvo_usb component. The driver iterates over registered USB interfaces during the GPIB attach process and takes references to their USB devices until it finds a match. However, these references are never released, which causes a memory leak when devices are disconnected.
The issue was fixed by dropping the unnecessary references to prevent the memory leak.
How can this vulnerability impact me? :
This vulnerability can lead to a memory leak in the Linux kernel when USB devices are disconnected. Over time, this memory leak could cause increased memory usage, potentially degrading system performance or leading to system instability if the leak is significant and persistent.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability described is a memory leak in the Linux kernel's gpib: lpvo_usb driver related to USB device references not being released on disconnect.
There is no information provided about any impact on data confidentiality, integrity, or availability that would relate to compliance with standards such as GDPR or HIPAA.
Therefore, based on the available information, this vulnerability does not have a direct or stated effect on compliance with common standards and regulations like GDPR or HIPAA.