CyberRota
← Ana sayfaya dön

CVE-2026-53157

HIGH · CVSS 7.8 EPSS %0.14

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-25T09:16:33.073 · Çekilme zamanı: 2026-07-15T12:03:37.540499+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-53157
Severity
HIGH
CVSS
7.8
EPSS
%0.14
Linux

Orijinal NVD Açıklaması

In the Linux kernel, the following vulnerability has been resolved: net: phonet: free phonet_device after RCU grace period phonet_device_destroy() removes a phonet_device from the per-net device list with list_del_rcu(), but frees it immediately. RCU readers walking the same list can still hold a pointer to the object after it has been removed, leading to a slab-use-after-free. Use kfree_rcu(), matching the lifetime rule already used by phonet_address_del() for the same object type.