Impact
A race condition in the Linux kernel’s QRTR subsystem allows a concurrent RCU reader to acquire a pointer to a socket that has already been freed during port removal. The flaw stems from decrementing the socket’s reference count before the RCU grace period ends, breaking the RCU update paradigm. The result is a refcount saturation warning and a potential use‑after‑free vulnerability, which could corrupt memory. The weakness is a classic resource exploitation and concurrency flaw, mapped to CWE‑911 (Use‑After‑Free).
Affected Systems
All Linux kernel builds that include the QRTR driver are affected. The QRTR module is part of the upstream kernel. Any deployment using a kernel that contains the vulnerable QRTR code before the published patch may be exposed, regardless of distribution or specific kernel version.
Risk and Exploitability
With a CVSS score of 7.8 the vulnerability is high severity, but an EPSS score of less than 1% indicates a very low likelihood of exploitation at present. The flaw is not listed in CISA’s KEV catalog, suggesting no known active exploitation. Exploitation would require a race condition that is most likely to be triggered by a local or privileged user; this assessment is inferred from the description, as the CVE data does not specify an attacker model.
OpenCVE Enrichment
Debian DLA