{"id":"CVE-2026-31753","summary":"auxdisplay: line-display: fix NULL dereference in linedisp_release","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nauxdisplay: line-display: fix NULL dereference in linedisp_release\n\nlinedisp_release() currently retrieves the enclosing struct linedisp via\nto_linedisp(). That lookup depends on the attachment list, but the\nattachment may already have been removed before put_device() invokes the\nrelease callback. This can happen in linedisp_unregister(), and can also\nbe reached from some linedisp_register() error paths.\n\nIn that case, to_linedisp() returns NULL and linedisp_release()\ndereferences it while freeing the display resources.\n\nThe struct device released here is the embedded linedisp-\u003edev used by\nlinedisp_register(), so retrieve the enclosing object directly with\ncontainer_of() instead.","modified":"2026-07-08T08:06:21.991053442Z","published":"2026-05-01T14:14:44.953Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31753.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/625fdac41cfc4ca9e1774a0d31d7985aec2c1d66"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7f138de156b20d9f9da6f72f90b63c01941d97d3"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31753.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31753"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"66c93809487e62c4f59ef08625a3fbc0a7de6dd2"},{"fixed":"625fdac41cfc4ca9e1774a0d31d7985aec2c1d66"},{"fixed":"7f138de156b20d9f9da6f72f90b63c01941d97d3"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31753.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.19.12"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31753.json"}}],"schema_version":"1.7.5"}