CVE-2026-43056
Use-After-Free in Linux Kernel's mana Driver
Publication date: 2026-05-01
Last updated on: 2026-05-03
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a use-after-free issue in the Linux kernel's net subsystem, specifically in the mana driver within the add_adev() function.
When the function auxiliary_device_add() fails, add_adev() jumps to an error handling path where it calls auxiliary_device_uninit() on the auxiliary device.
The auxiliary device's release callback frees the memory of the containing structure (mana_adev). Since the code later tries to access the freed memory (adev->id), this results in a use-after-free vulnerability.
The fix involves saving the auxiliary device id before calling auxiliary_device_add() and using this saved id during cleanup to avoid accessing freed memory.
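The cleanup ordering and the fix described above, as a simplified userspace C model added here; it is not the kernel's mana driver code. The names aux_dev, mana_adev_model, aux_add, aux_uninit, id_free and add_adev_fixed are stand-ins chosen for this example.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model only: every name below is a stand-in, not kernel code. */
struct aux_dev { int id; void (*release)(struct aux_dev *); };
struct mana_adev_model { struct aux_dev adev; };  /* container of the device */

static int last_freed_id = -1;  /* id most recently handed back by cleanup */
static int release_calls;       /* how many times the container was freed */
static void id_free(int id) { last_freed_id = id; }

/* Release callback: frees the containing structure. */
static void model_release(struct aux_dev *adev)
{
    release_calls++;
    free((struct mana_adev_model *)adev);  /* adev is the first member */
}

static int aux_add(struct aux_dev *adev, int fail) { (void)adev; return fail ? -1 : 0; }
static void aux_uninit(struct aux_dev *adev) { adev->release(adev); }

/* Vulnerable ordering, kept as a comment so it is never executed:
 *     aux_uninit(adev); id_free(adev->id);
 * release() has already freed the container when adev->id is read. */

/* Fixed ordering: copy the id before the add call, clean up with the copy. */
int add_adev_fixed(int id, int force_add_failure)
{
    struct mana_adev_model *m = calloc(1, sizeof(*m));
    if (!m) return -1;
    struct aux_dev *adev = &m->adev;
    adev->id = id;
    adev->release = model_release;
    int saved_id = adev->id;       /* taken while adev is still valid */
    int ret = aux_add(adev, force_add_failure);
    if (ret) {
        aux_uninit(adev);          /* m is freed inside this call */
        id_free(saved_id);         /* no dereference of adev here */
        return ret;
    }
    aux_uninit(adev);              /* success path: plain teardown of the model */
    return 0;
}

int main(void)
{
    int ret = add_adev_fixed(7, 1);   /* constructed input: id 7, forced failure */
    return printf("ret=%d freed_id=%d\n", ret, last_freed_id) < 0;
}
```

Building the model with a memory-error detector such as AddressSanitizer and swapping in the commented ordering is one way to see the freed read reported.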
How can this vulnerability impact me?
A use-after-free vulnerability can lead to undefined behavior including system crashes, data corruption, or potential escalation of privileges if exploited.
In this specific case, an attacker or a faulty process could trigger the error path in add_adev(), causing the kernel to access freed memory, which might be leveraged to compromise system stability or security.