7.8

CVE-2026-53294

mailbox: mailbox-test: don't free the reused channel

In the Linux kernel, the following vulnerability has been resolved:

mailbox: mailbox-test: don't free the reused channel

The RX channel can be aliased to the TX channel if it has a different
MMIO. This special case needs to be handled when freeing the channels
otherwise a double-free occurs.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.4 < 5.10.258
LinuxLinux Kernel Version >= 5.11 < 5.15.209
LinuxLinux Kernel Version >= 5.16 < 6.1.175
LinuxLinux Kernel Version >= 6.2 < 6.6.141
LinuxLinux Kernel Version >= 6.7 < 6.12.91
LinuxLinux Kernel Version >= 6.13 < 6.18.33
LinuxLinux Kernel Version >= 6.19 < 7.0.10
LinuxLinux Kernel Version7.1 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.03
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-415 Double Free

The product calls free() twice on the same memory address.

https://git.kernel.org/stable/c/fc0089f82c3e36060c2c79156bc2018bfb16b56b
Patch
https://git.kernel.org/stable/c/5d4f3d0f64f1016cb78b400a70b67df91fac99b5
Patch
https://git.kernel.org/stable/c/c494a11da45ad7ec9b0ff216c3e3ace351193bb6
Patch
https://git.kernel.org/stable/c/3afca89fae501dbd7421e1777b5b8f033b1d98d0
Patch
https://git.kernel.org/stable/c/5c209299b0113e289e238fa5f2e8f00c59f76060
Patch
https://git.kernel.org/stable/c/82f6dcea46cf5de65c4ba7283f7c7b34de4a324d
Patch
https://git.kernel.org/stable/c/240c71a2aea36a1a4210f911a1c32ea88777e8e4
Patch
https://git.kernel.org/stable/c/88ebadbf0deefdaccdab868b44ff70a0a257f473
Patch