Use-after-free in Linux kernel - CVE-2026-53273
Published: June 26, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a use-after-free in the optee supplicant request handling in drivers/tee/optee/supp.c when a client exits before the supplicant finishes processing its request. A local user can trigger a race condition to cause a denial of service.
The issue occurs because the request can be freed by the client while its request ID remains referenced on the supplicant path.
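The lifetime error described above, as an added user-space model rather than code from drivers/tee/optee/supp.c or from the fix commits. Every name in it (`pool`, `by_id`, `client_submit`, `supp_recv`, `supp_send`, the two `client_exit_*` variants and the `SUPP_*` codes) is hypothetical, and the race is replayed as a fixed sequence of steps so the outcome is deterministic.

```c
#include <stdbool.h>
#include <stdio.h>

#define MAX_REQ 4
enum { SUPP_OK = 0, SUPP_NO_REQ = -1, SUPP_STALE = -2 };
/* Hypothetical user-space model, not the driver's own structures. */
struct req { bool live; int ret; };
static struct req pool[MAX_REQ];   /* stands in for kmalloc()/kfree() */
static struct req *by_id[MAX_REQ]; /* request ID -> request, supplicant side */

/* Client queues a request: take a slot that is not allocated. */
struct req *client_submit(void) {
    for (int i = 0; i < MAX_REQ; i++)
        if (!pool[i].live) { pool[i].live = true; pool[i].ret = 0; return &pool[i]; }
    return NULL;
}
/* Supplicant picks the request up and gets an ID that refers to it. */
int supp_recv(struct req *r) {
    for (int id = 0; id < MAX_REQ; id++)
        if (!by_id[id]) { by_id[id] = r; return id; }
    return SUPP_NO_REQ;
}
/* Flawed exit path: request freed while its ID still resolves to it. */
void client_exit_vulnerable(struct req *r) { r->live = false; }
/* Corrected exit path: unpublish the request's ID first, then free. */
void client_exit_hardened(struct req *r) {
    for (int id = 0; id < MAX_REQ; id++)
        if (by_id[id] == r) by_id[id] = NULL;
    r->live = false;
}
/* Supplicant answers by ID; SUPP_STALE is where a kernel would touch freed memory. */
int supp_send(int id, int ret) {
    if (id < 0 || id >= MAX_REQ || !by_id[id]) return SUPP_NO_REQ;
    struct req *r = by_id[id];
    by_id[id] = NULL;
    if (!r->live) return SUPP_STALE;
    r->ret = ret;
    return SUPP_OK;
}

int main(void) {
    struct req *a = client_submit(), *b;
    int id = supp_recv(a);
    client_exit_vulnerable(a);   /* client exits before the supplicant answers */
    printf("flawed exit:    supp_send -> %d\n", supp_send(id, 0));
    b = client_submit(); id = supp_recv(b);
    client_exit_hardened(b);
    printf("corrected exit: supp_send -> %d\n", supp_send(id, 0));
    return 0;
}
```

In concurrent code the unpublish step and the supplicant's lookup also have to run under the same lock; the model leaves locking out because it executes the interleaving in order.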
How to mitigate CVE-2026-53273
Sources
- https://git.kernel.org/stable/c/373152c94e57e9592b68c100e224fbd943cfd608
- https://git.kernel.org/stable/c/387a926ee166814611acecb960207fe2f3c4fd3e
- https://git.kernel.org/stable/c/416259cb5bffecaaae5f76539deb535a8c1b2c34
- https://git.kernel.org/stable/c/724d0caffd4204b46f78efe22f18f8338031c6e1
- https://git.kernel.org/stable/c/9a0dc9279d0907b198f205a693aedf696b08145d
- https://git.kernel.org/stable/c/ae847ab29ded2d7cece4d5970f0edefa4137bf2f
- https://git.kernel.org/stable/c/d366a01475f927402c96a3fe78bfc06b924fc87d
- https://git.kernel.org/stable/c/d5b57bb314d79e99bebb58a53588fa11dd4dbf69