PT-2026-44285 · Linux · Linux Kernel
Published
2026-05-28
·
Updated
2026-06-04
·
CVE-2026-46162
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 7.0.11-1.1
Description
A double free issue exists in the Linux kernel within the
ice sf eth activate() function. When auxiliary device add() fails, the execution jumps to aux dev uninit and calls auxiliary device uninit(&sf dev->adev). The device release callback ice sf dev release() frees sf dev, but the error path continues to sf dev free, which calls kfree(sf dev) again.Recommendations
Update to version 7.0.11-1.1 or later.
Fix
Double Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel