CVE-2026-31399

nvdimm/bus: Fix potential use after free in asynchronous initialization

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if device_add() fails in
nd_async_device_register(). Commit b6eae0f61db2 ("libnvdimm: Hold reference on parent while
scheduling async init") correctly added a reference on the parent device
to be held until asynchronous initialization was complete. However, if
device_add() results in an allocation failure the ref count of the
device drops to 0 prior to the parent pointer being accessed. Thus
resulting in use after free. The bug bot AI correctly identified the fix. Save a reference to the
parent pointer to be used to drop the parent reference regardless of the
outcome of device_add().

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2026-03-09 CVE Reserved
2026-04-03 CVE Published
2026-04-09 EPSS Updated
2026-04-13 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (12)

URL	Tag	Source
https://git.kernel.org/stable/c/b6eae0f61db27748606cc00dafcfd1e2c032f0a5	Vuln. Introduced
https://git.kernel.org/stable/c/8954771abdea5c34280870e35592c7226a816d95	Vuln. Introduced
https://git.kernel.org/stable/c/3e63a7f25cc85d3d3e174b9b0e3489ebb7eaf4ab	Vuln. Introduced
https://git.kernel.org/stable/c/1490de2bb0836fc0631c04d0559fdf81545b672f	Vuln. Introduced
https://git.kernel.org/stable/c/e31a8418c8df7e6771414f99ed3d95ba8aca4e05	Vuln. Introduced
https://git.kernel.org/stable/c/4f1a55a4f990016406147cf3e0c9487bf83e50f0	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/9a0fb16ba5b372465a3a1ecd761c6fa911a4ab4d	2026-03-25
https://git.kernel.org/stable/c/e48bf8f1d2b12c1c5ba1f609edbd4cde5dadc20e	2026-03-25
https://git.kernel.org/stable/c/2c638259ad750833fd46a0cf57672a618542d84c	2026-03-25
https://git.kernel.org/stable/c/a226e5b49e5fe8c98b14f8507de670189d191348	2026-03-25
https://git.kernel.org/stable/c/84af19855d1abdee3c9d57c0684e2868e391793c	2026-03-25
https://git.kernel.org/stable/c/a8aec14230322ed8f1e8042b6d656c1631d41163	2026-03-09

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.1.167 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.1.167"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.6.130 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.6.130"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.12.78 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.12.78"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.18.20 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.18.20"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.19.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.19.10"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 7.0 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 7.0"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.4.164 Search vendor "Linux" for product "Linux Kernel" and version "4.4.164"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.9.137 Search vendor "Linux" for product "Linux Kernel" and version "4.9.137"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.14.81 Search vendor "Linux" for product "Linux Kernel" and version "4.14.81"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.18.19 Search vendor "Linux" for product "Linux Kernel" and version "4.18.19"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.19.2 Search vendor "Linux" for product "Linux Kernel" and version "4.19.2"		en		Affected