Impact
The Linux kernel's mailbox subsystem contains a flaw where a receiving channel can be aliased to a transmitting channel that uses a different memory‑mapped I/O region. This special case is not handled during channel release, causing a double‑free of the same memory. The double‑free corrupts the kernel's memory allocator, potentially leading to a crash or denial of service.
Affected Systems
All Linux kernel builds that include the mailbox-test component and lack the patch are affected. The vendor is Linux and the product is the Linux kernel. No specific version range is given, so reference commit identifiers to identify patched kernels.
Risk and Exploitability
The CVSS score is 5.5 and the EPSS score is less than 1%, indicating a low exploitation probability. The vulnerability is not listed in CISA's KEV catalog. The double‑free can corrupt memory structures, potentially causing a kernel crash or denial of service. Exploitability would likely require local or privileged access to the mailbox subsystem, and no public exploit is known at this time.
OpenCVE Enrichment
Debian DLA