The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - hwmon: (powerz) Fix use-after-free on USB disconnect After powerz_disconnect() frees the URB and releases     the mutex, a subsequent powerz_read() call can acquire the mutex and call powerz_read_data(), which     dereferences the freed URB pointer. Fix by: - Setting priv->urb to NULL in powerz_disconnect() so that     powerz_read_data() can detect the disconnected state. - Adding a !priv->urb check at the start of     powerz_read_data() to return -ENODEV on a disconnected device. - Moving usb_set_intfdata() before hwmon     registration so the disconnect handler can always find the priv pointer. (CVE-2026-31582)

Note that Nessus relies on the presence of the package as reported by the vendor.

Detections

Analytics

Linux Distros Unpatched Vulnerability : CVE-2026-31582

high Nessus Plugin ID 310315

Version 1.10