CVE-2026-23158

UNKNOWN 0.0

gpio: virtuser: fix UAF in configfs release path

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guard(mutex) to protect the device structure. However, the device is freed before the guard cleanup runs, causing mutex_unlock() to operate on freed memory. Specifically, gpio_virtuser_device_config_group_release() destroys the mutex and frees the device while still inside the guard(mutex) scope. When the function returns, the guard cleanup invokes mutex_unlock(&dev->lock), resulting in a slab use-after-free. Limit the mutex lifetime by using a scoped_guard() only around the activation check, so that the lock is released before mutex_destroy() and kfree() are called.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Feb 14, 2026
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

91581c4b3f29e2e22aeb1a62e842d529ca638b2d < 815a8e3bf72811d402b30bd4a53cde5e9df7a563 91581c4b3f29e2e22aeb1a62e842d529ca638b2d < 7bec90f605cfb138006f5ba575f2310593347110 91581c4b3f29e2e22aeb1a62e842d529ca638b2d < 53ad4a948a4586359b841d607c08fb16c5503230

Linux / Linux

6.11

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/815a8e3bf72811d402b30bd4a53cde5e9df7a563 git.kernel.org: https://git.kernel.org/stable/c/7bec90f605cfb138006f5ba575f2310593347110 git.kernel.org: https://git.kernel.org/stable/c/53ad4a948a4586359b841d607c08fb16c5503230