Use-after-free in Linux kernel - CVE-2026-43447
Published: May 8, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a use-after-free in the iavf PTP worker and reset handling when processing device reset or disable operations. A local user can trigger a reset race condition to cause a denial of service.
The issue occurs when adapter resources are freed while the PTP worker is still running and issuing PTP commands.