Use-after-free in Linux kernel - CVE-2026-53308
Published: June 29, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to use-after-free in the max77705 power supply driver workqueue handling when processing an interrupt during driver probe error handling or device removal. A local user can trigger an interrupt in this time window to execute arbitrary code.
The issue occurs because the interrupt handler can schedule work after the workqueue has already been destroyed but before the interrupt handler is freed.