Description
In the Linux kernel, the following vulnerability has been resolved:

iio: gyro: mpu3050: Fix incorrect free_irq() variable

The handler for the IRQ part of this driver is mpu3050->trig but,
in the teardown free_irq() is called with handler mpu3050.

Use correct IRQ handler when calling free_irq().
Published: 2026-05-01
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The MPU3050 gyroscope driver in the Linux kernel incorrectly calls free_irq() with the wrong handler variable, causing the interrupt resource to be released improperly during teardown. This flaw can result in kernel instability or a panic, thereby denying service to the host system.

Affected Systems

All Linux kernels that include the buggy MPU3050 iio driver are affected, regardless of distribution or kernel branch, as the issue resides in the core driver code. No specific kernel version range is listed; any release lacking the patch that corrects the free_irq call remains vulnerable until updated.

Risk and Exploitability

Because the CVSS score is not supplied and the EPSS score is unavailable, the exact risk level is uncertain, but the flaw is known to cause a kernel crash and is not listed in CISA’s KEV catalog, indicating no confirmed exploitation. The likely attack vector requires local privilege or code execution within kernel context, as the flaw occurs during device shutdown; this reasoning is inferred from the driver cleanup context.

Generated by OpenCVE AI on May 2, 2026 at 10:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the kernel to a version that contains the MPU3050 driver fix by applying the patch commits cited in the references and rebuilding the kernel.
  • If an immediate kernel update is not possible, disable or blacklist the iio_gyro_mpu3050 module so the faulty IRQ release does not occur during shutdown.
  • Coordinate with distribution maintainers to obtain a patched kernel or request inclusion of the fix in the next release.

Generated by OpenCVE AI on May 2, 2026 at 10:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4561-1 linux-6.1 security update
Debian DSA Debian DSA DSA-6243-1 linux security update
History

Sat, 02 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-763
References

Fri, 01 May 2026 14:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Fix incorrect free_irq() variable The handler for the IRQ part of this driver is mpu3050->trig but, in the teardown free_irq() is called with handler mpu3050. Use correct IRQ handler when calling free_irq().
Title iio: gyro: mpu3050: Fix incorrect free_irq() variable
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-01T14:14:54.557Z

Reserved: 2026-03-09T15:48:24.139Z

Link: CVE-2026-31763

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-01T15:16:39.400

Modified: 2026-05-01T15:24:14.893

Link: CVE-2026-31763

cve-icon Redhat

Severity :

Publid Date: 2026-05-01T00:00:00Z

Links: CVE-2026-31763 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-02T10:30:40Z

Weaknesses