7.8
CVE-2026-53296
- EPSS 0.13%
- Veröffentlicht 26.06.2026 19:40:54
- Zuletzt bearbeitet 08.07.2026 03:52:56
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
mailbox: mailbox-test: free channels on probe error
In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed nonetheless because it was allocated with devm.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.4 < 5.10.258
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.209
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.175
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.141
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.91
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.33
Linux ≫ Linux Kernel Version >= 6.19 < 7.0.10
Linux ≫ Linux Kernel Version7.1 Updaterc1
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.029 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/0ad8c4a03a358de7811ba1ab8cbd1fe76ad0ff6b
https://git.kernel.org/stable/c/15c4cc3850cfe1b973eb7b63c02314b267f06a64
https://git.kernel.org/stable/c/187069ccc3474516af32350e20d7e449160fa6de
https://git.kernel.org/stable/c/81c9e7e4030e71391ab479c4c6e17b64802577aa
https://git.kernel.org/stable/c/6c6ce2ccb4fcf1617fec83f91b21aa0265f30701
https://git.kernel.org/stable/c/742001919653e7313b4e91780c5d108be1692365
https://git.kernel.org/stable/c/02beb178e2e159daeb8f992d7abb16a37da31664
https://git.kernel.org/stable/c/c02053a9055d5fdfd32432287cca8958db1d5bc5