Description
In the Linux kernel, the following vulnerability has been resolved:

iio: gyro: mpu3050: Fix incorrect free_irq() variable

The handler for the IRQ part of this driver is mpu3050->trig but,
in the teardown free_irq() is called with handler mpu3050.

Use correct IRQ handler when calling free_irq().
Published: 2026-05-01
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The MPU3050 gyroscope driver in the Linux kernel incorrectly calls free_irq() with the wrong handler variable, causing the interrupt resource to be released improperly during teardown. This flaw can result in a kernel crash or panic, thereby denying service to the host system.

Affected Systems

All Linux kernels that include the buggy MPU3050 iio driver are affected, regardless of distribution or kernel branch, as the issue resides in the core driver code. No specific kernel version range is listed; any release lacking the patch that corrects the free_irq call remains vulnerable until updated.

Risk and Exploitability

Because the CVSS score is now 5.5 and the EPSS score is <1%, the vulnerability is at moderate risk. The flaw can lead to a kernel crash, resulting in denial of service. It is not listed in CISA’s KEV catalog, indicating no confirmed exploitation. The likely attack vector requires local privilege or kernel context code execution during device shutdown, as the flaw occurs when the driver releases the IRQ handler.

Generated by OpenCVE AI on May 8, 2026 at 20:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the kernel to a version that contains the MPU3050 driver fix by applying the patch commits cited in the references and rebuilding the kernel.
  • If an immediate kernel update is not possible, disable or blacklist the iio_gyro_mpu3050 module so the faulty IRQ release does not occur during shutdown.
  • Coordinate with distribution maintainers to obtain a patched kernel or request inclusion of the fix in the next release.

Generated by OpenCVE AI on May 8, 2026 at 20:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4561-1 linux-6.1 security update
Debian DLA Debian DLA DLA-4606-1 linux security update
Debian DSA Debian DSA DSA-6243-1 linux security update
History

Fri, 08 May 2026 18:15:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Sat, 02 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-763
References

Fri, 01 May 2026 14:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Fix incorrect free_irq() variable The handler for the IRQ part of this driver is mpu3050->trig but, in the teardown free_irq() is called with handler mpu3050. Use correct IRQ handler when calling free_irq().
Title iio: gyro: mpu3050: Fix incorrect free_irq() variable
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-11T22:15:20.588Z

Reserved: 2026-03-09T15:48:24.139Z

Link: CVE-2026-31763

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-05-01T15:16:39.400

Modified: 2026-05-08T18:05:36.157

Link: CVE-2026-31763

cve-icon Redhat

Severity :

Publid Date: 2026-05-01T00:00:00Z

Links: CVE-2026-31763 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-08T20:30:16Z

Weaknesses