CVE-2026-53294
Published: July 1, 2026Last modified: July 1, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity impact | HIGH |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.175-r0) |
| 25 LTS | linux-lts | Fixed (6.12.92-r0) | |
| Stream | linux-lts | Fixed (6.18.35-r1) |
References
- https://git.kernel.org/stable/c/240c71a2aea36a1a4210f911a1c32ea88777e8e4
- https://git.kernel.org/stable/c/3afca89fae501dbd7421e1777b5b8f033b1d98d0
- https://git.kernel.org/stable/c/5c209299b0113e289e238fa5f2e8f00c59f76060
- https://git.kernel.org/stable/c/5d4f3d0f64f1016cb78b400a70b67df91fac99b5
- https://git.kernel.org/stable/c/82f6dcea46cf5de65c4ba7283f7c7b34de4a324d
- https://git.kernel.org/stable/c/88ebadbf0deefdaccdab868b44ff70a0a257f473
- https://git.kernel.org/stable/c/c494a11da45ad7ec9b0ff216c3e3ace351193bb6
- https://git.kernel.org/stable/c/fc0089f82c3e36060c2c79156bc2018bfb16b56b