CVE-2026-31726

A flaw was found in the Linux kernel's USB Video Class (UVC) gadget driver. A race condition during power management (PM) transitions can cause a null pointer dereference. This occurs when the system attempts to access a deallocated gadget pointer, leading to a kernel panic. This vulnerability can be triggered by a local user or system process during power management operations, resulting in a Denial of Service (DoS) due to system instability.