Linux Kernel mmc: vub300 NULL-pointer deref on disconnect
CVE-2026-31651 Published on April 24, 2026
mmc: vub300: fix NULL-deref on disconnect
In the Linux kernel, the following vulnerability has been resolved:
mmc: vub300: fix NULL-deref on disconnect
Make sure to deregister the controller before dropping the reference to
the driver data on disconnect to avoid NULL-pointer dereferences or
use-after-free.
Products Associated with CVE-2026-31651
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 88095e7b473a3d9ec3b9c60429576e9cbd327c89 and below 6446516e626ce7c44bdadbcbb3d7677a2c52ce93 is affected.
- Version 88095e7b473a3d9ec3b9c60429576e9cbd327c89 and below ba3b9429de94958dc0060d9816a915dd75c34919 is affected.
- Version 88095e7b473a3d9ec3b9c60429576e9cbd327c89 and below 517b58e1d067115f80d198feee10192da4c424d0 is affected.
- Version 88095e7b473a3d9ec3b9c60429576e9cbd327c89 and below 6468cab1173f44f7a4b7a05ce8abfdfd1ce1557a is affected.
- Version 88095e7b473a3d9ec3b9c60429576e9cbd327c89 and below 53f2642d77ab5f1f303388bff5500363c6cf962c is affected.
- Version 88095e7b473a3d9ec3b9c60429576e9cbd327c89 and below c83a282615d8f7ba28cebddd54600b419d562d82 is affected.
- Version 88095e7b473a3d9ec3b9c60429576e9cbd327c89 and below 8d09e75759cb2afc0732acfb5a14a93c03805a61 is affected.
- Version 88095e7b473a3d9ec3b9c60429576e9cbd327c89 and below dff34ef879c5e73298443956a8b391311ba78d57 is affected.
- Version 3.0 is affected.
- Before 3.0 is unaffected.
- Version 5.10.253, <= 5.10.* is unaffected.
- Version 5.15.203, <= 5.15.* is unaffected.
- Version 6.1.169, <= 6.1.* is unaffected.
- Version 6.6.135, <= 6.6.* is unaffected.
- Version 6.12.82, <= 6.12.* is unaffected.
- Version 6.18.23, <= 6.18.* is unaffected.
- Version 6.19.13, <= 6.19.* is unaffected.
- Version 7.0, <= * is unaffected.