CVE-2026-53294

mailbox: mailbox-test: don't free the reused channel

EPSS 0.2%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

26 Jun 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs.

Affected products

Linux · Linux

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://git.kernel.org/stable/c/240c71a2aea36a1a4210f911a1c32ea88777e8e4 https://git.kernel.org/stable/c/3afca89fae501dbd7421e1777b5b8f033b1d98d0 https://git.kernel.org/stable/c/5c209299b0113e289e238fa5f2e8f00c59f76060 https://git.kernel.org/stable/c/5d4f3d0f64f1016cb78b400a70b67df91fac99b5 https://git.kernel.org/stable/c/82f6dcea46cf5de65c4ba7283f7c7b34de4a324d https://git.kernel.org/stable/c/88ebadbf0deefdaccdab868b44ff70a0a257f473 https://git.kernel.org/stable/c/c494a11da45ad7ec9b0ff216c3e3ace351193bb6 https://git.kernel.org/stable/c/fc0089f82c3e36060c2c79156bc2018bfb16b56b