CVE-2026-31749

Source
https://cve.org/CVERecord?id=CVE-2026-31749
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31749.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-31749
Downstream
Published
2026-05-01T14:14:42.227Z
Modified
2026-07-08T07:01:41.149403215Z
Summary
comedi: ni_atmio16d: Fix invalid clean-up after failed attach
Details

In the Linux kernel, the following vulnerability has been resolved:

comedi: ni_atmio16d: Fix invalid clean-up after failed attach

If the driver's COMEDI "attach" handler function (atmio16d_attach()) returns an error, the COMEDI core will call the driver's "detach" handler function (atmio16d_detach()) to clean up. This calls reset_atmio16d() unconditionally, but depending on where the error occurred in the attach handler, the device may not have been sufficiently initialized to call reset_atmio16d(). It uses dev->iobase as the I/O port base address and dev->private as the pointer to the COMEDI device's private data structure. dev->iobase may still be set to its initial value of 0, which would result in undesired writes to low I/O port addresses. dev->private may still be NULL, which would result in null pointer dereferences.

Fix atmio16d_detach() by checking that dev->private is valid (non-null) before calling reset_atmio16d(). This implies that dev->iobase was set correctly since that is set up before dev->private.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31749.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
2323b276308a5da5774b778f39c7fd94b2a3022a
Fixed
a01dd339ea6ac58b0967a50085622a6017351140
Fixed
933a2d6a95f9bfb203e562c9be1dd990c735535c
Fixed
5d8d88c8c0eec230de8f1f60e0920a4337939a88
Fixed
f517646e008fe99ca1800601cd011b110f8684ae
Fixed
3848ae00b1642e2c98ff8cbfd2d3b38c6f53b5c3
Fixed
43c68a2c7cc35b7c2a83c285cb4ad3d472b8caa2
Fixed
d07d97ca4f7fac467cdcf4a012690853958b7e89
Fixed
101ab946b79ad83b36d5cfd47de587492a80acf0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31749.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.30
Fixed
5.10.253
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.203
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.168
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.134
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.81
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.22
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.12

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31749.json"