CVE-2026-31629

A flaw was found in the Linux kernel's Near Field Communication (NFC) Logical Link Control Protocol (LLCP) subsystem. Missing return statements after LLCP_CLOSED checks in the nfc_llcp_recv_hdlc() and nfc_llcp_recv_disc() functions can lead to a use-after-free vulnerability. This occurs because the system attempts to release resources twice, causing a reference count underflow. An attacker could potentially exploit this to cause a denial of service or other system instability.