CVE-2026-31762
Interrupt Handler Resource Leak in Linux Kernel IIO Gyro MPU3050
Publication date: 2026-05-01
Last updated on: 2026-05-01
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux_kernel | linux_kernel | * |
| linux_kernel | mpu3050 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not include any details about the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
This vulnerability is a resource leak in the Linux kernel related to the iio gyro mpu3050 driver. Specifically, when the interrupt handler is set up using request_threaded_irq(), if the subsequent call to iio_trigger_register() fails, the function returns without properly releasing the interrupt handler resource. This leads to an irq resource leak.
The issue was detected by Smatch, a static analysis tool, which flagged that the irq requested was not released on certain lines of the source code. The fix involved adding a cleanup goto to ensure the irq resource is properly released in case of failure.
How can this vulnerability impact me? :
This vulnerability can lead to a resource leak in the Linux kernel's interrupt handling for the mpu3050 gyro driver. Over time, such leaks could cause system instability or degraded performance due to exhausted interrupt resources.
However, since this is a resource leak rather than a direct security exploit like privilege escalation or code execution, the immediate impact on system security may be limited.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability relates to a resource leak in the Linux kernel driver for the mpu3050 gyro sensor, specifically involving the interrupt handler not being properly released if iio_trigger_register() fails.
Detection would typically require checking the kernel source or logs for signs of irq resource leaks related to the mpu3050 driver. Since this is a kernel driver issue, there are no direct network commands to detect it.
You might inspect kernel logs for warnings or errors related to the mpu3050 gyro driver or irq resource leaks using commands like:
- dmesg | grep mpu3050
- journalctl -k | grep irq
- cat /proc/interrupts | grep mpu3050
However, no specific commands are provided in the available information to detect this vulnerability automatically.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability has been fixed by adding a cleanup goto to properly release the irq resource if iio_trigger_register() fails in the mpu3050 gyro driver.
Immediate mitigation steps include updating your Linux kernel to a version that contains this fix.
If updating is not immediately possible, consider disabling the mpu3050 gyro driver if it is not required on your system to avoid triggering the resource leak.