In the Linux kernel, the following vulnerability has been resolved:
ASoC: sma1307: fix double free of devm_kzalloc() memory
A previous change added NULL checks and cleanup for allocation failures in sma1307settingloaded().
However, the cleanup for modeset entries is wrong. Those entries are allocated with devmkzalloc(), so they are device-managed resources and must not be freed with kfree(). Manually freeing them in the error path can lead to a double free when devres later releases the same memory.
Drop the manual kfree() loop and let devres handle the cleanup.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31475.json",
"cna_assigner": "Linux"
}