Impact
The vulnerability allows a slab-use-after-free due to freeing a phonet_device immediately after it has been removed from the list via list_del_rcu. This race between RCU read‑side protection and immediate deallocation can corrupt kernel memory or result in the execution of arbitrary code. The weakness is a classic use‑after‑free in kernel space and can compromise system integrity and confidentiality.
Affected Systems
The flaw affects the Linux kernel’s phonet subsystem. No specific kernel releases are listed in the data, so all kernel versions prior to the fix are considered vulnerable.
Risk and Exploitability
The EPSS score is < 1%, indicating a low exploitation probability, and the vulnerability is not listed in CISA KEV. The likely attack vector is a network-based exploitation that leverages malicious phonet traffic to trigger the race condition. In an appropriate environment, the flaw can lead to kernel memory corruption and potentially remote code execution. The CVSS score of 7.0 indicates high severity, underscoring the need for immediate action.
OpenCVE Enrichment
Debian DSA