Use-after-free in Linux kernel - CVE-2026-23452
Published: April 6, 2026
Vulnerability identifier: #VU124918
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-23452
CWE-ID: CWE-416
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a use-after-free in pm_runtime_work() when handling device removal during runtime power management. A local user can trigger a race condition involving device removal to cause a denial of service.
The issue is caused by dereferencing the dev->parent pointer after the parent device has been freed. It is reproducible sporadically with blktest block/001 and results in a KASAN-reported slab-use-after-free.
How to mitigate CVE-2026-23452
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/29ab768277617452d88c0607c9299cdc63b6e9ff
- https://git.kernel.org/stable/c/39f2d86f2ddde8d1beda05732f30c7cd945e0b5a
- https://git.kernel.org/stable/c/5649b46af8b167259e8a8e4e7eb3667ce74554b5
- https://git.kernel.org/stable/c/bb081fd37f8312651140d7429557258afe51693d
- https://git.kernel.org/stable/c/c6febaacfb8a0aec7d771a0e6c21cd68102d5679
- https://git.kernel.org/stable/c/cf65a77c0f9531eb6cfb97cc040974d2d8fff043