CVE-2026-23291
Description
In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: properly drop the usb interface reference on disconnect When the device is disconnected from the driver, there is a "dangling" reference count on the usb interface that was grabbed in the probe callback. Fix this up by properly dropping the reference after we are done with it.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Mitigation details
CVE-2026-23291 NameCVE-2026-23291 DescriptionIn the Linux kernel, the following vulnerability has been resolved: nfc: pn533: properly drop the usb interface reference on disconnect When the device is disconnected from the driver, there is a "dangling" reference count on the usb interface that was grabbed in the probe callback. Fix this up by properly dropping the reference after we are done withβ¦
CVE-2026-23291
| Name | CVE-2026-23291 |
| Description | In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: properly drop the usb interface reference on disconnect When the device is disconnected from the driver, there is a "dangling" reference count on the usb interface that was grabbed in the probe callback. Fix this up by properly dropping the reference after we are done with it. |
| Source | CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DLA-4561-1, DLA-4606-1, DSA-6238-1, DSA-6243-1 |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|---|---|---|
| linux (PTS) | bullseye | 5.10.223-1 | vulnerable |
| bullseye (security) | 5.10.257-1 | fixed | |
| bookworm | 6.1.170-3 | fixed | |
| bookworm (security) | 6.1.174-1 | fixed | |
| trixie | 6.12.86-1 | fixed | |
| trixie (security) | 6.12.90-2 | fixed | |
| forky | 7.0.9-1 | fixed | |
| sid | 7.0.10-1 | fixed | |
| linux-6.1 (PTS) | bullseye (security) | 6.1.174-1~deb11u1 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| linux | source | bullseye | 5.10.257-1 | DLA-4606-1 | ||
| linux | source | bookworm | 6.1.170-1 | DSA-6243-1 | ||
| linux | source | trixie | 6.12.85-1 | DSA-6238-1 | ||
| linux | source | (unstable) | 6.19.8-1 | |||
| linux-6.1 | source | bullseye | 6.1.170-1~deb11u1 | DLA-4561-1 |
Notes
https://git.kernel.org/linus/12133a483dfa832241fbbf09321109a0ea8a520e (7.0-rc2)
Apply commands
https://git.kernel.org/linus/12133a483dfa832241fbbf09321109a0ea8a520e (7.0-rc2)OS impact
Linux kernel Affected 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 7.0 | Affected | β |
| β | Affected | 5.10.253 |
SUSE Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| β | Affected | β |
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 6.12.85-1 |
| sid | Fixed | 6.19.8-1 |
| forky | Fixed | 6.19.8-1 |
| bullseye | Fixed | 6.1.170-1~deb11u1 |
| bookworm | Fixed | 6.1.170-1 |
References
- https://www.suse.com/security/cve/CVE-2026-23291.html
- https://security-tracker.debian.org/tracker/CVE-2026-23291
- https://git.kernel.org/stable/c/00477cab053dc4816b99141d8fcca7a479cfebeb
- https://git.kernel.org/stable/c/12133a483dfa832241fbbf09321109a0ea8a520e
- https://git.kernel.org/stable/c/4551d6cea00224ab65a0ef35e4e6da0e9c0a2d74
- https://git.kernel.org/stable/c/5be8aa2bcfb53158436182db8dee9d0b8e5901e6
- https://git.kernel.org/stable/c/6645b030b0c1fc5bf338bffb0044238f24b2f770
- https://git.kernel.org/stable/c/7398d6570501edc55a50ece820f369ab3c1df2e7
- https://git.kernel.org/stable/c/7ff14eb070f0efecb2606f8d7aa01b77d188e886
- https://git.kernel.org/stable/c/d1f6d20b3c2642ec85ce6ea5da7155746c31c6d0
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.