Use-after-free in Linux kernel - CVE-2026-53296
Published: June 29, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a use-after-free in the mailbox-test driver when handling probe errors. A local user can trigger a probe error to cause a denial of service.
The issue occurs because previously obtained channels are not freed before the client structure is removed.
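The ordering problem described above, shown as an added userspace C model; it is not part of the original advisory and is not the kernel's code. It assumes each channel keeps a back-pointer to its client, and all `model_*` names are hypothetical. A probe that fails late either releases the client while channels are still bound to it (old order) or releases the channels first (corrected order).

```c
/* Userspace model (constructed); model_* names are hypothetical, not kernel APIs. */
#include <stdio.h>
#include <stdlib.h>

struct model_client { int id; };
/* Channels belong to the controller, so they outlive any single client. */
struct model_chan {
    struct model_client *cl;  /* back-pointer to the owning client */
    int bound;                /* 1 while the channel is handed out */
};
static struct model_chan model_chans[2];  /* [0] = tx, [1] = rx */

static struct model_chan *model_request_chan(struct model_client *cl, int idx)
{
    model_chans[idx].cl = cl;
    model_chans[idx].bound = 1;
    return &model_chans[idx];
}

static void model_free_chan(struct model_chan *ch)
{
    ch->cl = NULL;
    ch->bound = 0;
}

/* Probe that always fails at a late step. Returns how many channels are
 * still bound to the client after the client's memory has been released. */
static int model_failed_probe(int release_channels_first)
{
    struct model_client *cl = calloc(1, sizeof(*cl));
    struct model_chan *tx, *rx;
    if (!cl)
        return -1;
    tx = model_request_chan(cl, 0);
    rx = model_request_chan(cl, 1);
    /* ... a later probe step fails here ... */
    if (release_channels_first) {   /* corrected error path */
        model_free_chan(rx);
        model_free_chan(tx);
    }
    free(cl);  /* client memory released; any still-bound channel dangles */
    return model_chans[0].bound + model_chans[1].bound;
}

int main(void)
{
    printf("old order: %d stale\n", model_failed_probe(0));
    printf("fixed order: %d stale\n", model_failed_probe(1));
    return 0;
}
```

The model only counts stale bindings and never dereferences the freed client, so it is safe to run under a sanitizer.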
How to mitigate CVE-2026-53296
Sources
- https://git.kernel.org/stable/c/02beb178e2e159daeb8f992d7abb16a37da31664
- https://git.kernel.org/stable/c/0ad8c4a03a358de7811ba1ab8cbd1fe76ad0ff6b
- https://git.kernel.org/stable/c/15c4cc3850cfe1b973eb7b63c02314b267f06a64
- https://git.kernel.org/stable/c/187069ccc3474516af32350e20d7e449160fa6de
- https://git.kernel.org/stable/c/6c6ce2ccb4fcf1617fec83f91b21aa0265f30701
- https://git.kernel.org/stable/c/742001919653e7313b4e91780c5d108be1692365
- https://git.kernel.org/stable/c/81c9e7e4030e71391ab479c4c6e17b64802577aa
- https://git.kernel.org/stable/c/c02053a9055d5fdfd32432287cca8958db1d5bc5