Use-after-free in Linux kernel - CVE-2026-53115
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a use-after-free in the fsl-mc bus driver_override handling when matching drivers during device probing. A local user can trigger driver matching on a device with a stale driver_override reference to cause a denial of service.
The issue occurs because the match callback may access driver_override without the device lock held during __driver_attach().