CVE-2026-43056
HIGH EPSS 1.9%
Published May 1, 20262mo ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
Published May 1, 2026 2mo ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: net: mana: fix use-after-free in add_adev() error path If auxiliary_device_add() fails, add_adev() jumps to add_fail and calls auxiliary_device_uninit(adev). The auxiliary device has its release callback set to adev_release(), which frees the containing struct mana_adev. Since adev is embedded in struct mana_adev, the subsequent fall-through to init_fail and access to adev->id may result in a use-after-free. Fix this by saving the allocated auxiliary device id in a local variable before calling auxiliary_device_add(), and use that saved id in the cleanup path after auxiliary_device_uninit().
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
1.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-416 Use After Free Memory Safety
Affected Products 9
References 5
- git.kernel.org https://git.kernel.org/stable/c/43f5b19fd190fea20d052bc84741b28031d5baa9
- git.kernel.org https://git.kernel.org/stable/c/5f4061f8225d18695e5afe9bbf1cb7bd673d7872
- git.kernel.org https://git.kernel.org/stable/c/c4ea7d8907cf72b259bf70bd8c2e791e1c4ff70f
- git.kernel.org https://git.kernel.org/stable/c/d88541ffd56d62a61e77209080001eddd4d69815
- git.kernel.org https://git.kernel.org/stable/c/e5a75bf026c686b91a7dc6f9c5caf5016745d1fe
Remediation
- git.kernel.org https://git.kernel.org/stable/c/43f5b19fd190fea20d052bc84741b28031d5baa9
- git.kernel.org https://git.kernel.org/stable/c/5f4061f8225d18695e5afe9bbf1cb7bd673d7872
- git.kernel.org https://git.kernel.org/stable/c/c4ea7d8907cf72b259bf70bd8c2e791e1c4ff70f
- git.kernel.org https://git.kernel.org/stable/c/d88541ffd56d62a61e77209080001eddd4d69815
- git.kernel.org https://git.kernel.org/stable/c/e5a75bf026c686b91a7dc6f9c5caf5016745d1fe