CVE-2026-53296
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk3th percentile — higher than 3% of all known CVEs
Summary
In the Linux kernel, the mailbox-test driver fails to free channels on probe error, causing a memory leak and potential use-after-free (UAF) scenarios because the client structure is removed automatically by devm.
Risk Assessment
The organization faces memory leaks and system instability, potentially leading to crashes or unexpected behavior during mailbox-test driver initialization errors.
Recommendation
Immediately update the Linux kernel to a version containing the fix that ensures channels are freed on probe error in the mailbox-test driver.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed nonetheless because it was allocated with devm.

