cve-2026-31506

CVE-2026-31506 is a Linux kernel vulnerability involving a double free in the bcmasp Ethernet driver's Wake-on-LAN IRQ cleanup. The issue arises when manual cleanup code attempts to free an IRQ that has already been handed to the devm_ managed resource framework, leading to potential system crashes or instability. The fix is straightforward, but the case highlights broader risks when kernel code mixes manual and managed resource allocation. The CVE was published on April 22, 2026, with no CVSS score assigned yet. This tag covers discussions and fixes related to this specific vulnerability.