In the Linux kernel, the following vulnerability has been resolved:
net: mana: Guard mana_remove against double invocation
If PM resume fails (e.g., manaattach() returns an error), manaprobe() calls manaremove(), which tears down the device and sets gd->gdmacontext = NULL and gd->driver_data = NULL.
However, a failed resume callback does not automatically unbind the driver. When the device is eventually unbound, mana_remove() is invoked a second time. Without a NULL check, it dereferences gc->dev with gc == NULL, causing a kernel panic.
Add an early return if gdmacontext or driverdata is NULL so the second invocation is harmless. Move the dev = gc->dev assignment after the guard so it cannot dereference NULL.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53297.json",
"cna_assigner": "Linux"
}