CVE-2026-43440
Null service_wq in Linux kernel mana driver
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's net/mana component. It involves a use-after-free issue caused by not setting the service_wq pointer to NULL after a failed setup in the mana_gd_setup() function. Specifically, if the setup fails, the workqueue is destroyed but the pointer is not cleared, which can lead to the pointer being checked after it has been freed, causing a use-after-free condition.
How can this vulnerability impact me? :
The use-after-free vulnerability can lead to undefined behavior in the Linux kernel, potentially causing system crashes, instability, or allowing an attacker to execute arbitrary code with kernel privileges. This can compromise the security and reliability of systems running the affected Linux kernel versions.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability has been resolved in the Linux kernel by setting the workqueue pointer to NULL after a failed setup to prevent use-after-free errors. To mitigate this vulnerability, you should update your Linux kernel to a version that includes this fix.