Impact
A use‑after‑free condition exists in the Greybus raw driver of the Linux kernel. When a disconnect frees a connection object while a concurrent write is still referencing it, the kernel dereferences a null pointer and panics. This use‑after‑free (CWE‑825) can cause the operating system to crash, disrupting service and potentially providing a local denial‑of‑service.
Affected Systems
All Linux kernel variants that include the Greybus raw subsystem before the fix identified by commit 48d6c32bc049abd114e8f0836c0e7d7cbfba7827. No vendor‑specific product list is provided, and the CPE tracks the generic Linux kernel.
Risk and Exploitability
The flaw produces a local denial‑of‑service; the attacker must be able to issue write calls to the device file after the connection has been disconnected. Based on the description, it is inferred that this requires local write access to the Greybus raw character device, a privilege that is typically limited to root or privileged processes. The EPSS score of < 1% suggests a low probability of exploitation. The CVSS score of 7.8 indicates a high severity denial‑of‑service risk. The vulnerability is not catalogued in CISA's KEV list, indicating no publicly known exploits yet. Nevertheless, a kernel panic is severe enough to warrant prompt patching.
OpenCVE Enrichment