CVE-2026-23291

MEDIUM

nfc: pn533: properly drop the usb interface reference on disconnect

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: properly drop the usb interface reference on disconnect When the device is disconnected from the driver, there is a "dangling" reference count on the usb interface that was grabbed in the probe callback. Fix this up by properly dropping the reference after we are done with it.

Scores

CVSS v3 5.5
EPSS 0.0012
EPSS Percentile 2.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Status published
Products (29)
linux/Kernel 3.1.0 - 5.10.253linux
linux/Kernel 3.1.0 - 6.1.167linux
linux/Kernel 5.11.0 - 5.15.203linux
linux/Kernel 5.16.0 - 6.1.167linux
linux/Kernel 6.13.0 - 6.18.17linux
linux/Kernel 6.19.0 - 6.19.7linux
linux/Kernel 6.2.0 - 6.6.130linux
linux/Kernel 6.7.0 - 6.12.77linux
Linux/Linux < 3.1
Linux/Linux 3.1
... and 19 more
Published Mar 25, 2026
Tracked Since Mar 25, 2026