CVE-2026-31578

A flaw was found in the Linux kernel's as102_usb driver. A local user could exploit a race condition during the handling of USB device registration and deregistration. This vulnerability occurs when a device's memory is prematurely freed while an open file descriptor still exists, leading to a use-after-free or double-free condition. Such memory corruption could potentially allow for privilege escalation or cause a denial of service.