mailbox: mailbox-test: free channels on probe error

Summary

CVECVE-2026-53296
StatePUBLISHED
AssignerLinux
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-06-26 20:17:22 UTC
Updated2026-06-30 14:44:27 UTC
DescriptionIn the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed nonetheless because it was allocated with devm.

Risk And Classification

EPSS: 0.001760000 probability, percentile 0.073810000 (date 2026-07-02)

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Linux Linux affected 8ea4484d0c2bb4e2152261943fa1a3522654b1c7 0ad8c4a03a358de7811ba1ab8cbd1fe76ad0ff6b git Not specified
CNA Linux Linux affected 8ea4484d0c2bb4e2152261943fa1a3522654b1c7 15c4cc3850cfe1b973eb7b63c02314b267f06a64 git Not specified
CNA Linux Linux affected 8ea4484d0c2bb4e2152261943fa1a3522654b1c7 187069ccc3474516af32350e20d7e449160fa6de git Not specified
CNA Linux Linux affected 8ea4484d0c2bb4e2152261943fa1a3522654b1c7 81c9e7e4030e71391ab479c4c6e17b64802577aa git Not specified
CNA Linux Linux affected 8ea4484d0c2bb4e2152261943fa1a3522654b1c7 6c6ce2ccb4fcf1617fec83f91b21aa0265f30701 git Not specified
CNA Linux Linux affected 8ea4484d0c2bb4e2152261943fa1a3522654b1c7 742001919653e7313b4e91780c5d108be1692365 git Not specified
CNA Linux Linux affected 8ea4484d0c2bb4e2152261943fa1a3522654b1c7 02beb178e2e159daeb8f992d7abb16a37da31664 git Not specified
CNA Linux Linux affected 8ea4484d0c2bb4e2152261943fa1a3522654b1c7 c02053a9055d5fdfd32432287cca8958db1d5bc5 git Not specified
CNA Linux Linux affected 4.4 Not specified
CNA Linux Linux unaffected 4.4 semver Not specified
CNA Linux Linux unaffected 5.10.258 5.10.* semver Not specified
CNA Linux Linux unaffected 5.15.209 5.15.* semver Not specified
CNA Linux Linux unaffected 6.1.175 6.1.* semver Not specified
CNA Linux Linux unaffected 6.6.141 6.6.* semver Not specified
CNA Linux Linux unaffected 6.12.91 6.12.* semver Not specified
CNA Linux Linux unaffected 6.18.33 6.18.* semver Not specified
CNA Linux Linux unaffected 7.0.10 7.0.* semver Not specified
CNA Linux Linux unaffected 7.1 * original_commit_for_fix Not specified

References

ReferenceSourceLinkTags
git.kernel.org/stable/c/02beb178e2e159daeb8f992d7abb16a37da31664 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/742001919653e7313b4e91780c5d108be1692365 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/15c4cc3850cfe1b973eb7b63c02314b267f06a64 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/81c9e7e4030e71391ab479c4c6e17b64802577aa 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/6c6ce2ccb4fcf1617fec83f91b21aa0265f30701 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/187069ccc3474516af32350e20d7e449160fa6de 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/c02053a9055d5fdfd32432287cca8958db1d5bc5 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/0ad8c4a03a358de7811ba1ab8cbd1fe76ad0ff6b 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report