Use-after-free in Linux kernel - CVE-2026-53025
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to use-after-free in the greybus raw character device handling in drivers/staging/greybus/raw.c when closing an opened character device after the associated raw bundle has been disconnected. A local user can keep the character device open and then close it after disconnect to cause a denial of service.
Exploitation requires that the character device remain opened by an application while the associated raw bundle is disconnected.