CVE-2026-43056
Published: May 1, 2026
Modified: May 11, 2026
CVSS v3.1
7.8
Description
In the Linux kernel, the following vulnerability has been resolved: net: mana: fix use-after-free in add_adev() error path If auxiliary_device_add() fails, add_adev() jumps to add_fail and calls auxiliary_device_uninit(adev). The auxiliary device has its release callback set to adev_release(), which frees the containing struct mana_adev. Since adev is embedded in struct mana_adev, the subsequent fall-through to init_fail and access to adev->id may result in a use-after-free. Fix this by saving the allocated auxiliary device id in a local variable before calling auxiliary_device_add(), and use that saved id in the cleanup path after auxiliary_device_uninit().
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected a69839d4327d053b18d8e1b0e7ddeee78db78f4f - < d88541ffd56d62a61e77209080001eddd4d69815affected a69839d4327d053b18d8e1b0e7ddeee78db78f4f - < 43f5b19fd190fea20d052bc84741b28031d5baa9affected a69839d4327d053b18d8e1b0e7ddeee78db78f4f - < 5f4061f8225d18695e5afe9bbf1cb7bd673d7872affected a69839d4327d053b18d8e1b0e7ddeee78db78f4f - < e5a75bf026c686b91a7dc6f9c5caf5016745d1feaffected a69839d4327d053b18d8e1b0e7ddeee78db78f4f - < c4ea7d8907cf72b259bf70bd8c2e791e1c4ff70f |
Linux | Linux | affected 6.2unaffected 0 - < 6.2unaffected 6.6.134 - <= 6.6.*unaffected 6.12.81 - <= 6.12.*unaffected 6.18.22 - <= 6.18.*+2 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now