Description
In the Linux kernel, the following vulnerability has been resolved:

gpib: lpvo_usb: fix memory leak on disconnect

The driver iterates over the registered USB interfaces during GPIB
attach and takes a reference to their USB devices until a match is
found. These references are never released which leads to a memory leak
when devices are disconnected.

Fix the leak by dropping the unnecessary references.
Published: 2026-05-01
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel’s GPIB driver contains a memory leak that occurs when a GPIB USB adapter is disconnected. The driver retains references to USB devices after a successful match, never releasing them. Over time, repeated connect and disconnect operations increase kernel memory consumption until a critical level is reached, potentially leading to kernel instability or a system-wide slowdown.

Affected Systems

The flaw is present in the Linux kernel itself; no particular vendor or version is specified, so every kernel release that has not incorporated the patch could be affected. Users of any Linux system running a kernel that still includes the buggy GPIB driver are at risk.

Risk and Exploitability

No CVSS or EPSS score is available and the vulnerability is not listed in the CISA KEV catalog. The leak requires repeated disconnects of GPIB USB adapters to accumulate a significant memory drain, making immediate exploitation unlikely. However, sustained use of GPIB adapters over time can gradually degrade system reliability and may lead to a denial of service through kernel memory exhaustion.

Generated by OpenCVE AI on May 2, 2026 at 10:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a Linux kernel update that includes the patch for the GPIB driver memory leak
  • If an update cannot be applied promptly, reduce the frequency of GPIB USB device connect/disconnect cycles to minimize memory growth
  • Monitor system memory usage for abnormal trends that may indicate the leak is active

Generated by OpenCVE AI on May 2, 2026 at 10:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 02 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-911
References

Fri, 01 May 2026 14:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: gpib: lpvo_usb: fix memory leak on disconnect The driver iterates over the registered USB interfaces during GPIB attach and takes a reference to their USB devices until a match is found. These references are never released which leads to a memory leak when devices are disconnected. Fix the leak by dropping the unnecessary references.
Title gpib: lpvo_usb: fix memory leak on disconnect
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-01T14:14:52.553Z

Reserved: 2026-03-09T15:48:24.139Z

Link: CVE-2026-31760

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-01T15:16:39.047

Modified: 2026-05-01T15:24:14.893

Link: CVE-2026-31760

cve-icon Redhat

Severity :

Publid Date: 2026-05-01T00:00:00Z

Links: CVE-2026-31760 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-02T10:30:40Z

Weaknesses