#VU124531 Use After Free in Linux kernel - CVE-2026-23320


Published: March 25, 2026


Vulnerability identifier: #VU124531
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-23320
CWE-ID: CWE-416
Exploitation vector: Local access
Exploit availability: No public exploit available
Vulnerable software:
Linux kernel
Software vendor:
Linux Foundation

Description

The vulnerability allows a local user to cause a denial of service (system crash) or potentially execute arbitrary code.

The vulnerability exists due to a use-after-free in the USB gadget Network Control Model (NCM) functionality when handling device bind/unbind operations. A local user can trigger a USB gadget disconnection so that a freed net_device structure is accessed, resulting in a NULL pointer dereference or use-after-free condition.

The issue arises because the net_device is allocated when the configuration instance is created and is not freed until that instance is destroyed, so it can outlive its parent USB gadget device after unbind. This leaves dangling sysfs links and invalid memory references when the system later accesses the already-freed device context.
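As an added illustration, not code from the advisory or from the kernel, the following simplified C model shows the lifetime mismatch described above: a net_device owned by the configuration instance keeps pointing at a gadget device that a defective unbind has already freed, beside an unbind that severs that link first. Every struct and function name here is hypothetical.

```c
#include <stdlib.h>

/* Hypothetical model of the lifetime the advisory describes; names are
 * illustrative and are not the kernel's own structures or APIs. */
struct gadget_dev { int id; };
struct net_device {
    struct gadget_dev *parent;  /* gadget device the netdev is linked to (sysfs) */
    int bound;                  /* 1 while the owning gadget is bound */
};
struct ncm_instance { struct net_device *netdev; };

/* Config instance creation: the net_device lives as long as the instance. */
struct ncm_instance *ncm_instance_create(void) {
    struct ncm_instance *inst = calloc(1, sizeof *inst);
    inst->netdev = calloc(1, sizeof *inst->netdev);
    return inst;
}

/* Gadget bind: create the gadget device and link the netdev to it. */
struct gadget_dev *gadget_bind(struct ncm_instance *inst, int id) {
    struct gadget_dev *g = calloc(1, sizeof *g);
    g->id = id;
    inst->netdev->parent = g;
    inst->netdev->bound = 1;
    return g;
}

/* Defective unbind (the advisory's pattern): gadget freed, netdev still points at it. */
void gadget_unbind_dangling(struct ncm_instance *inst, struct gadget_dev *g) {
    (void)inst;
    free(g);  /* inst->netdev->parent now dangles */
}

/* Corrected unbind: sever the netdev's link to the gadget before freeing it. */
void gadget_unbind_fixed(struct ncm_instance *inst, struct gadget_dev *g) {
    inst->netdev->parent = NULL;
    inst->netdev->bound = 0;
    free(g);
}

/* 1 only while the netdev is bound to a parent it still believes is live. */
int netdev_parent_live(const struct ncm_instance *inst) {
    return inst->netdev->bound && inst->netdev->parent != NULL;
}

void ncm_instance_destroy(struct ncm_instance *inst) {
    free(inst->netdev);
    free(inst);
}
```

After the defective unbind the accessor still reports the parent as live, which is exactly the stale state a later sysfs or netdev access would walk into; after the corrected unbind it reports nothing to touch.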


Remediation

Install the security update from the vendor's repository.

External links