SB20260626181 - Use-after-free in Linux kernel phonet



SB20260626181 - Use-after-free in Linux kernel phonet

Published: June 26, 2026

Security Bulletin ID SB20260626181
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Local access
Highest impact Denial of service

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Use-after-free (CVE-ID: CVE-2026-53157)

CWE-ID: CWE-416 - Use After Free

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to use-after-free in phonet_device_destroy() when walking the per-net phonet device list with RCU readers after device removal. A local user can trigger destruction of a phonet_device while concurrent readers still hold a stale pointer to cause a denial of service.

The issue arises because the object is removed with RCU list semantics but may be freed before the RCU grace period has elapsed.


Remediation

Install update from vendor's website.