Use-after-free in Linux kernel - CVE-2026-45916
Published: May 28, 2026
Vulnerability identifier: #VU132573
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-45916
CWE-ID: CWE-416
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local attacker to cause a denial of service or corrupt memory.
The vulnerability exists due to use-after-free in the sbs-battery IRQ handler when handling an interrupt during device removal. A local attacker can trigger an interrupt race to cause a denial of service or corrupt memory.
A similar race can also occur during device probe if an interrupt fires before the power_supply handle is registered, leading to use of an uninitialized handle.
How to mitigate CVE-2026-45916
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/14d4dee5d8fb361bfff275832087254beab66d72
- https://git.kernel.org/stable/c/2078830c32d1e49ac942c6f8c21f35c806ae5e94
- https://git.kernel.org/stable/c/8010b745b436c3e1ca5dd960aa29fa3e0f6d8841
- https://git.kernel.org/stable/c/82d3eb97a976c9d56bb92b241397610e57a9c629
- https://git.kernel.org/stable/c/861dda7a9074c0ff67788928165ae39d7f647491
- https://git.kernel.org/stable/c/8d59cf3887fbabacef53bfba473e33e8a8d9d07b
- https://git.kernel.org/stable/c/ca7dd71773e4e050b0fb98768b7eae60f8d1f38b
- https://git.kernel.org/stable/c/f1f472b14ad56104ba228b8fbec60d5b21829913