Use-after-free in Linux kernel - CVE-2026-53118
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a use-after-free in the driver_override handling of the vDPA bus match callback, reached when a driver is probed through __driver_attach(). A local user can trigger driver matching while the driver_override field is accessed without the device lock and cause a denial of service.
The issue occurs because the bus match callback is invoked without the device lock held on this code path.
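The locking pattern described above, as an added user-space model that is not kernel code and not the upstream fix. The struct, the function names and the pthread mutex standing in for the device lock are assumptions made for illustration.

```c
/* User-space model (constructed): a pthread mutex stands in for the device lock. */
#include <pthread.h>
#include <stdlib.h>
#include <string.h>

struct model_dev {
    pthread_mutex_t lock;      /* stands in for the device lock */
    char *driver_override;     /* heap string, replaced by a sysfs-style store */
};

/* Writer: swap in the new string under the lock, then free the old one. */
int override_store(struct model_dev *d, const char *name)
{
    char *fresh = NULL, *old;

    if (name && *name) {
        fresh = malloc(strlen(name) + 1);
        if (!fresh)
            return -1;
        strcpy(fresh, name);
    }
    pthread_mutex_lock(&d->lock);
    old = d->driver_override;
    d->driver_override = fresh;
    pthread_mutex_unlock(&d->lock);
    free(old);
    return 0;
}

/* Racy pattern: the pointer is loaded and dereferenced with no lock held,
 * so a concurrent override_store() can free it while strcmp() still reads it. */
int match_unlocked(struct model_dev *d, const char *drv)
{
    const char *o = d->driver_override;

    return o ? strcmp(o, drv) == 0 : 1;   /* no override: any driver matches */
}

/* Safe pattern: compare while holding the same lock the writer swaps under. */
int match_locked(struct model_dev *d, const char *drv)
{
    int ret;

    pthread_mutex_lock(&d->lock);
    ret = d->driver_override ? strcmp(d->driver_override, drv) == 0 : 1;
    pthread_mutex_unlock(&d->lock);
    return ret;
}
```

Both match functions return the same result when nothing runs concurrently; only match_locked() stays valid when override_store() can run at the same time.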