CVE-2026-46288
Received - Intake

Use-After-Free in the Linux Kernel 'of' Unittest

Vulnerability report for CVE-2026-46288, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-08

Last updated on: 2026-06-14

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved:

of: unittest: fix use-after-free in of_unittest_changeset()

The variable 'parent' is assigned the value of 'nchangeset' earlier in the function, meaning both point to the same struct device_node. The call to of_node_put(nchangeset) can decrement the reference count to zero and free the node if there are no other holders. After that, the code still uses 'parent' to check for the presence of a property and to read a string property, leading to a use-after-free.

Fix this by moving the of_node_put() call after the last access to 'parent', avoiding the UAF.

Meta Information

Published: 2026-06-08
Last Modified: 2026-06-14
Generated: 2026-06-29
AI Q&A: 2026-06-08
EPSS Evaluated: 2026-06-27

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
linux_kernel linux_kernel *
linux linux_kernel *

CWE

CWE ID: CWE-UNKNOWN

Executive Summary

This vulnerability is a use-after-free (UAF) issue in the Linux kernel's unittest code, specifically in the function of_unittest_changeset().

In the function, a variable 'parent' is assigned the same struct device_node as 'nchangeset'. When of_node_put(nchangeset) is called, it can free the node if no other references exist. However, the code continues to use 'parent' after this call, leading to use of freed memory.

The fix involves moving the of_node_put() call to after the last use of 'parent', preventing the use-after-free condition.
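
The ordering problem described above, as an added user-space illustration (not the kernel's code or the upstream patch). The struct, the helper names and the "constructed" property value are hypothetical stand-ins; release is modelled with a flag so the stale access can be observed without reading freed memory.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a refcounted struct device_node. Release is
 * modelled by clearing 'live', so a stale read is detectable safely. */
struct node { int refcount; int live; char prop[16]; };

static int stale_reads; /* reads that reached an already-released node */

static void node_put(struct node *n)
{
    if (--n->refcount == 0)
        n->live = 0; /* the kernel would free the node at this point */
}

static const char *node_read_string(const struct node *n)
{
    if (!n->live) { stale_reads++; return NULL; }
    return n->prop;
}

/* Pre-fix ordering: 'parent' aliases 'nchangeset' and holds no reference
 * of its own, yet it is read after the only reference is dropped. */
static int check_put_then_read(struct node *nchangeset)
{
    struct node *parent = nchangeset;
    node_put(nchangeset);
    const char *s = node_read_string(parent);
    return s && strcmp(s, "constructed") == 0;
}

/* Fixed ordering: the put follows the last access through 'parent'. */
static int check_read_then_put(struct node *nchangeset)
{
    struct node *parent = nchangeset;
    const char *s = node_read_string(parent);
    int ok = s && strcmp(s, "constructed") == 0;
    node_put(nchangeset);
    return ok;
}

int main(void)
{
    /* Constructed sample nodes: one reference each, property "constructed". */
    struct node a = { 1, 1, "constructed" }, b = a;
    printf("put-then-read: ok=%d\n", check_put_then_read(&a));
    printf("read-then-put: ok=%d stale_reads=%d\n", check_read_then_put(&b), stale_reads);
    return 0;
}
```

In the kernel the stale read would touch freed memory instead of returning NULL; building with KASAN is the usual way to surface that class of access during testing.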

Impact Analysis

Use-after-free vulnerabilities can lead to undefined behavior such as system crashes, memory corruption, or potential execution of arbitrary code.

In this case, since the vulnerability is in the Linux kernel's unittest code, it could potentially cause kernel instability or crashes if triggered.

Mitigation Strategies

To mitigate this use-after-free in the Linux kernel's of_unittest_changeset() function, update your Linux kernel to a version where this issue has been fixed.

Specifically, apply the patch that moves the of_node_put() call after the last access to the 'parent' variable to avoid the use-after-free condition.
