CVE-2026-31730

A flaw was found in the Linux kernel's fastrpc component that could lead to a denial of service (DoS) or potentially arbitrary code execution. This memory corruption vulnerability, specifically a double-free, occurs when the cctx->remote_heap memory is freed twice due to an error handling issue in the fastrpc_init_create_static_process() function. If the INIT_CREATE_STATIC ioctl hits an error path and the rpmsg device is subsequently removed, fastrpc_rpmsg_remove() attempts to free the same memory again.