CVE-2026-53157

In the Linux kernel, the following vulnerability has been resolved:

net: phonet: free phonet device after RCU grace period

phonet device destroy() removes a phonet device from the per-net device list with list del rcu(), but frees it immediately. RCU readers walking the same list can still hold a pointer to the object after it has been removed, leading to a slab-use-after-free.

Use kfree rcu(), matching the lifetime rule already used by phonet address del() for the same object type.